Certified Ethical Hacker - CEH

Certified Ethical Hacker CEHv9 Course Outline 

Focus on New Attack Vectors Emphasis on Cloud Computing Technology CEHv9 focuses on various threats and hacking attacks to the emerging cloud computing technology Covers wide-ranging countermeasures to combat cloud computing attacks Provides a detailed pen testing methodology for cloud systems to identify threats in advance Emphasis on Mobile Platforms and Tablet Computers CEHv9 focuses on the latest hacking attacks targeted to mobile platform and tablet computers and covers countermeasures to secure mobile infrastructure Coverage of latest development in mobile and  web technologies

New Vulnerabilities Are Addressed Heartbleed CVE-2014-0160 Heartbleed makes the SSL layer used by millions of websites and thousands of cloud providers vulnerable. Detailed coverage and labs in Module 18: Cryptography. Shellshock CVE-2014-6271 Shellshock exposes vulnerability in Bash, the widely-used shell for Unix-based operating systems such as Linux and OS X. Detailed coverage and labs in Module 11: Hacking Webservers Poodle CVE-2014-3566 POODLE lets attackers decrypt SSLv3 connections and hijack the cookie session that identifies you to a service, allowing them to control your account without needing your password. Case study in Module 18: Cryptography Hacking Using Mobile Phones CEHv9 focuses on performing hacking (Foot printing, scanning, enumeration, system hacking, sniffing, DDoS attack, etc.) using mobile phones Courseware covers latest mobile hacking tools in all the modules Coverage of latest Trojan, Virus, Backdoors Courseware covers Information Security Controls and Information Security Laws and Standards Labs on Hacking Mobile Platforms and Cloud Computing More than 40 percent new labs are added from Version 8 More than 1500 new/updated tools CEHv9 program focuses on addressing security issues to the latest operating systems like Windows 8.1 It also focuses on addressing the existing threats to operating environments dominated by Windows 7, Windows 8, and other operating systems (backward compatibility)

 Download CEH-9 Brochure  

Course Description

The Certified Ethical Hacker program is the pinnacle of the most desired information security training program any information security professional will ever want to be in. To master the hacking technologies, you will need to become one, but an ethical one! The accredited course provides the advanced hacking tools and techniques used by hackers and information security professionals alike to break into an organization. As we put it, “To beat a hacker, you need to think like a hacker”. This course will immerse you into the Hacker Mindset so that you will be able to defend against future attacks. The security mindset in any organization must not be limited to the silos of a certain vendor, technologies or pieces of equipment. This course prepares you for EC-Council Certified Ethical Hacker exam 312-50

This ethical hacking course puts you in the driver’s seat of a hands-on environment with a systematic process. Here, you will be exposed to an entirely different way of achieving optimal information security posture in their organization; by hacking it! You will scan, test, hack and secure your own systems. You will be taught the five phases of ethical hacking and the ways to approach your target and succeed at breaking in every time! The five phases include Reconnaissance, Gaining Access, Enumeration, Maintaining Access, and covering your tracks.

Underground

Hacking

Tools

The hacking tools and techniques in each of these five phases are provided in detail in an encyclopedic approach to help you identify when an attack has been used against your own targets. Why then is this training called the Certified Ethical Hacker Course? This is because by using the same techniques as the bad guys, you can assess the security posture of an organization with the same approach these malicious hackers use, identify weaknesses and fix the problems before they are identified by the enemy, causing what could potentially be a catastrophic damage to your respective organization.

We live in an age where attacks are all susceptible and come from anyplace at any time and we never know how skilled, well-funded, or persistent the threat will be. Throughout the CEH course, you will be immersed in a hacker's mindset, evaluating not just logical, but physical security. Exploring every possible point of entry to find the weakest link in an organization. From the end user, the secretary, the CEO, miss-configurations, vulnerable times during migrations even information left in the dumpster.

Who Should Attend

The Certified Ethical Hacking training course will significantly benefit security officers, auditors, security professionals, site administrators, and anyone who is concerned about the integrity of the network infrastructure

Duration: 5 Days (9:00 AM – 5:00 PM)

Exam Info

    Number of Questions: 125

    Test Duration: 4 Hours

    Test Format: Multiple Choice

    Test Delivery: ECC EXAM, VUE

    Exam Prefix: ‪312-50 (ECC EXAM), 312-50 (VUE)

 

Certification

The Certified Ethical Hacker exam 312-50. Students need to pass the online Prometric exam to receive CEH certification.

Skills Measured

The exam 312-50 tests CEH candidates on the following 18 domains.

    Introduction to Ethical Hacking

    Footprinting and Reconnaissance

    Scanning Networks

    Enumeration

    System Hacking

    Malware Threats

    Sniffing

    Social Engineering

    Denial of Service

    Session Hijacking

    Hacking Webservers

    Hacking Web Applications

    SQL Injection

    Hacking Wireless Networks

    Hacking Mobile Platforms

    Evading IDS, Firewalls, and Honeypots

    Cloud Computing

    Cryptography

Section	Knowledge of		Weight	No. of Q.
Background	A	networking technologies (e.g., hardware, infrastructure)	4%	5
	B	Web Technologies (e.g., web 2.0, skype)
	C	Systems Technologies
	D	Communication Protocols
	E	Malware Operations
	F	Mobile Technologies (e.g., smart phones)
	G	Telecommunication Technologies
	H	backups and archiving (e.g., local, network)
Analysis/Assessment	A	Data Analysis	13%	16
	B	Systems Analysis
	C	Risk Assessments
	D	Technical Assessment Methods
Security	A	Systems Security Controls	25%	31
	B	Application/Fileserver
	C	Firewalls
	D	Cryptography
	E	Network Security
	F	Physical Security
	G	Threat Modeling
	H	Verification Procedures (e.g.,false positive/negative validation)
	I	Social Engineering (human factors manipulation)
	J	Vulnerability Scanners
	K	Security Policy Implications
	L	Privacy/Confidentiality (with regard to engagement)
	M	Biometrics
	N	Wireless Access Technology (e.g., networking, RFID, Blue tooth)
	O	Trusted Networks
	P	Vulnerabilities
Tools/Systems/Programs	A	Network/Host Based Intrusion
	B	Network/Wireless Sniffers (e.g., WireShark, Airsnort)
	C	Access Control Mechanisms (e.g., smart cards)
	D	Cryptography Techniques (e.g., IPsec, SSL, PGP)
	E	Programming Languages (e.g. C++, Java, C#, C)
	F	Scripting Languages (e.g., PHP, Java script)
	G	Boundary Protection Appliances (e.g., DMZ)
	H	Network Topologies
	I	Subnetting
	J	Port Scanning (e.g., NMAP)
	K	Domain Name System (DNS)
	L	Routers/Modems/Switches
	M	Vulnerability Scanner (e.g., Nessus, Retina)
	N	Vulnerability Management and Protection Systems (e.g., Foundstone, Ecora)
	O	Operating Environments (e.g., Linux, Windows, Mac)
	P	Antivirus Systems and Programs
	Q	Log Analysis Tools
	R	Security Models
	S	Exploitation Tools
	T	Database Structures
Procedures/Methodology	A	Cryptography	20%	25
	B	Public key Infrastructure (PKI)
	C	Security Architecture (SA)
	D	Service Oriented Architecture (SOA)
	E	Information Security Incident Management
	F	N-tier Application Design
	G	TCP/IP Networking (e.g., network routing)
	H	Security Testing Methodology
Regulation/Policy		Security Policies	4%	5
		Compliance Regulations (e.g., PCI)
Ethics	A	Professional Code of Conduct	2%	3
	B	Appropriateness of Hacking Activities