Global ERP Solutions

Certified Ethical Hacker(CEH)

The Certified Ethical Hacker (CEH) certification equips cybersecurity professionals with essential skills in ethical hacking techniques and methodologies. This certification program covers a broad spectrum of security domains, including network scanning, system hacking, malware threats, social engineering, and cryptography. CEH training emphasizes practical knowledge and hands-on experience in identifying vulnerabilities, assessing risks, and implementing effective countermeasures to protect systems and data from malicious attacks. By obtaining CEH certification, professionals demonstrate their ability to ethically hack and secure systems, contributing to enhanced cybersecurity practices within organizations worldwide.

Prerequisite

Requires at least two years of work experience in the information security domain.

Familiarity with networking basics, such as TCP/IP protocols and subnetting, is beneficial.

Basic knowledge of operating systems (Windows, Linux) and proficiency in basic programming/scripting languages can be advantageous.

Total Duration: 39 Hours

What will you learn?

1 Enumeration

Enumeration is the process of actively gathering detailed information such as usernames, shared resources, and device names from a target.

2 Introduction to Ethical Hacking

Ethics and legal considerations Types of hackers Phases of ethical hacking Penetration testing methodologies

3 Footprinting and Reconnaissance

Footprinting concepts Information gathering techniques WHOIS lookup Social engineering for information gathering

4 Scanning Networks

Network scanning techniques, Port scanning, Network mapping, Vulnerability scanning.

5 Enumeration

Techniques for enumeration, SNMP enumeration, LDAP enumeration, NTP enumeration

6 Vulnerability Analysis

Vulnerability assessment techniques, Vulnerability scanning tools, Vulnerability databases, Common vulnerabilities and exposures (CVE)

7 System Hacking

Password cracking techniques, Privilege escalation, Escalating privileges using exploits, Covering tracks and hiding files

8 Malware Threats

Types of malware (viruses, worms, trojans, etc.), Malware analysis techniques, Anti-malware technologies, Malware detection and removal

9 Sniffing

Sniffing techniques and tools, Sniffing countermeasures (encryption, ARP spoofing prevention), Packet sniffing for passwords and data

10 Social Engineering

Social engineering techniques, Phishing attacks, Spear phishing, Social engineering countermeasures

11 Denial-of-Service (DoS)

DoS and DDoS attacks, DoS attack techniques (flood attacks, amplification attacks), DoS attack tools, DoS attack prevention and mitigation

12 Session Hijacking

Session hijacking techniques (session fixation, session sidejacking), Man-in-the-middle (MITM) attacks, Session hijacking countermeasures, HTTPS and secure session management

13 Evading IDS (Intrusion Detection Systems)

IDS evasion techniques, IDS detection mechanisms, IDS evasion tools, Evading IPS (Intrusion Prevention Systems)

14 Firewalls and Honeypots

Firewall types and configurations, Firewall evasion techniques, Honeypot concepts and deployment, Detecting and responding to honeypot attacks

15 Hacking Web Servers

Web server architecture and vulnerabilities, Web server attack techniques (directory traversal, HTTP methods), Web server hardening techniques, Web server security tools

16 Hacking Web Applications

Web application architecture and security, Web application attack vectors (XSS, CSRF, etc.), SQL injection attacks, Web application security testing tools

17 SQL Injection

SQL injection concepts and techniques, Types of SQL injection attacks (blind SQLi, error-based SQLi), SQL injection detection and prevention, SQL injection tools

18 Hacking Wireless Networks

Wireless network security fundamentals, Wireless network encryption standards (WEP, WPA, WPA2), Wireless cracking techniques (WPS attacks, packet capture), Wireless security tools

19 Hacking Mobile Platforms

Mobile platform security fundamentals b. Mobile device management (MDM) c. Mobile application security d. Mobile exploitation techniques

20 IoT Hacking

IoT security challenges, IoT attack vectors, IoT device exploitation techniques, IoT security best practices

21 Cloud Computing

Cloud computing fundamentals, Cloud security considerations, Cloud deployment models (public, private, hybrid), Cloud security tools and services

22 Cryptography

Cryptography fundamentals, Symmetric and asymmetric encryption, Hashing algorithms, Digital signatures and certificates