Certified Ethical Hacker

Certified Ethical Hacker

Prepare for the CEH certification while learning the latest ethical hacking techniques.

Ideally suited for intermediate-level students who want a high-level understanding of the concepts of Ethical Hacking, this course is taught in an open-ended, experimental atmosphere where you will have the opportunity to work with fellow students and the instructor to gain an appreciation for this exciting area. Included with the course are extensive reference manuals to guide your learning experience. In this 5-day course, you will be immersed in an interactive environment where you'll learn to scan, test, and secure your own systems. In this lab-intensive environment, you'll get in-depth knowledge and practical experience with the current essential security systems. Begin by discovering how perimeter defenses work. Then, learn to scan and attack your own network, how intruders escalate privileges, and what steps can be taken to secure a system. Also, learn about intrusion detection, policy creation, social engineering, open source intelligence, incident handling, and log interpretation.

Introduction & CD Tour

• Explaining the Certification
• Introducing Network ResourcesIntroduction to Network Risk
• Introducing Security

Hacking Fundamentals

• Exploiting Network Weaknesses
• Exploit Process
• Motivations
• Persistent vs. Casual
• Threat/Vulnerability Types
• White-Hat vs. Black-Hat

Hacking Methodologies

• Enumeration
• Network Elevation
• NMap Scan
• Penetration
• Reconnaissance
• Scanning
• System Elevation

Methodologies (cont.)

• Common Tools
• Expansion
• Housekeeping
• Other Tools
• Pilfer

Network Scanning Phases 1 & 2

• Discovery
• Network as a Target
• Network Topology
• Scanning the Network
• Scanning Tools

Network Scanning Phases 3 & 4

• CDP
• CDP Demo
• Common Conventions
• Enumerating
• Packet Analyzers
• Weak Passwords

Management/Physical Threats

• Design Errors
• Device Management
• Physical Security
• Physical Tools
• SolarWinds

Routers

• Attacks
• Router Components
• Routers & Domains
• Dynamic Routing
• RIP
• Tools

Bridges & Switches

• ARP Poisoning
• Concepts
• Root Bridges
• Vulnerabilities/Attacks

Firewalls

• Design Vulnerabilities
• Firewall Concepts
• Firewall Setup
• Firewall Traversal
• Vulnerabilities

Wireless

• Attacks
• Management Console
• Warchalking/WarDriving
• Wireless Concepts
• Wireless Security
• Wireless Modes
• Wireless Vulnerabilities
• WEP

W2K Hacking Phases 1 & 2

• Discovery/Reconnaissance
• Scanning

Enumerating Servers

• Database Servers
• Mail/IM Servers
• Network/Web Servers
• Syslog/IAS Servers

Enumeration Strategies & Tools

• Anonymous Connections
• Assorted Tools
• Browser/Client
• General Banner Grabbing
• LDAP Query Tools
• Net Commands
• Terminal Services
• Tool Concepts

Using Enumeration Tools

• Cain and Abel
• DumpSec
• NetCat
• Null Session

Penetrating Windows 2000/NT

• Account Management
• Default Configuration
• Default Accounts
• Identification
• Inherent OS Weaknesses
• NetBIOS API
• Tools
• Weaknesses

Penetration Tools & Strategies

• LSA
• Notepad Execution
• Sniffer
• Password Cracker

Elevation on Windows 2000/NT

• L0phtCrack
• Registry
• SAM Dump
• SAM File
• Tools/Vulnerabilities

Pilering

• More Targets
• Permissions
• Use Data
• Targets

File Permission Auditing

• Folder Permissions
• Registry Permissions
• File Delete Child
• File Delete Child Process

Expansion

• Account Policies
• Authentication
• Local Policies
• Relays and Proxies
• Scanning/Enumeration
• Service Accounts
• User Rights

Housekeeping

• Cleaning Up
• File Header
• Reentry
• Tools
• Strategies

Event Log Management

• Audit Object Access
• Log Utilities
• Set Up Audits

Terminal Server

• Detection Tools
• Monitoring ToolsAttack Applications
• Pipeupadmin
• Vulnerabilities

IIS

• Application Analysis
• Evaluation
• Input Validation
• Permissions
• Tools
• Weaknesses

Exploiting IIS

• File Traversal
• Overview
• View Results

Securing IIS

• Authentication
• Directory Browsing
• Directory Structure
• DLLs
• IDS
• Internet Service Manager
• ISAPI Filters
• Lockdown

Securing Windows 2000/NT

• Analyze
• Backups
• Best Practices
• Communication
• Penetration Analysis
• Restriction
• Tools
• User Education

Baseline Security Analysis

• Options
• Reports
• Security Analyzer
• Security Report
• Score and Templates

UNIX Hacking Phases 1-3

• Discovery/Reconnaissance
• Enumeration
• Scanning
• Usage
• Versions

UNIX Hacking Phases 4-7

• Brute Force Attack
• Concepts
• Dir. Se
• Expansion
• Housekeeping 
• Dir. Serv./Remoting
• Pilfer Points
• UNIX Resources

Security Policies

• Adapt to Security
• Cost
• Personnel/Culture
• Risk Assessment
• Security Plan

Prevention Strategies

• Fall Back Plan
• Discovery
• Passive/Proactive Plan
• Reaction
• Testing and Documentation
• When it Happens!