EC-Council - CEH-v10 - Certified Ethical Hacker v10

nicht mehr verfügbar

Classroom Schulung | Deutsch | Anspruch

Schulungsdauer: 5 Tage

Ziele

Dieses Training bietet Teilnehmern ein lernorientiertes, interaktives Umfeld, bei dem Scannen, Testen, Hacken und Schützen der eigenen Systeme vermittelt wird. Alle Teilnehmer erhalten eingehende Kenntnisse und praktische Erfahrungen mit aktuellen Sicherheitssystemen. Das Certified Ethical Hacker Training dient als Grundlage der aufbauenden Ausbildung zum Licensed Penetration Tester (LPT).

Der CEHv10 Kurs wird von einem zertifizierten EC-Council Trainer durchgeführt.

Zielgruppe

  • Fach- und Führungskräfte aus der IT-Sicherheit
  • IT-Auditoren
  • IT-Sicherheitsberater
  • Systemadministratoren und Netzwerktechniker
  • Fach- und Führungskräfte aus dem Support, insbesondere 3rd Level Support

Voraussetzungen

  • Serverkenntnisse Windows, sowie Linuxkenntnisse
  • Grundkenntnisse Netzwerk sowie zum TCP/IP Protokoll
  • Vorkenntnisse im Bereich Security sind optional aber von Vorteil

Agenda

Module 01: Introduction to Ethical Hacking

  • Information Security Overview
  • Information Security Threats and Attack Vectors
  • Hacking Concepts
  • Ethical Hacking Concepts
  • Information Security Controls
  • Penetration Testing Concepts
  • Information Security Laws and Standards

Module 02: Footprinting and Reconnaissance

  • Footprinting Concepts
  • Footprinting through Search Engines
  • Footprinting through Web Services
  • Footprinting through Social Networking Sites
  • Website Footprinting
  • Email Footprinting
  • Competitive Intelligence
  • Whois Footprinting
  • DNS Footprinting
  • Network Footprinting
  • Footprinting through Social Engineering
  • Footprinting Tools
  • Countermeasures
  • Footprinting Pen Testing

Module 03: Scanning Networks

  • Network Scanning Concepts
  • Scanning Tools
  • Scanning Techniques
  • Scanning Beyond IDS and Firewall
  • Banner Grabbing
  • Draw Network Diagrams
  • Scanning Pen Testing

Module 04: Enumeration

  • Enumeration Concepts
  • NetBIOS Enumeration
  • SNMP Enumeration
  • LDAP Enumeration
  • NTP Enumeration
  • SMTP and DNS Enumeration
  • Other Enumeration Techniques
  • Enumeration Countermeasures
  • Enumeration Pen Testing

Module 05: Vulnerability Analysis

  • Vulnerability Assessment Concepts
  • Vulnerability Assessment Solutions
  • Vulnerability Scoring Systems
  • Vulnerability Assessment Tools
  • Vulnerability Assessment Reports
  • Module 06: System Hacking
  • System Hacking Concepts
  • Cracking Passwords
  • Escalating Privileges
  • Executing Applications
  • Hiding Files
  • Covering Tracks
  • Penetration Testing

Module 06: System Hacking

  • System Hacking Concepts
  • Cracking Passwords
  • Escalating Privileges
  • Executing Applications
  • Hiding Files
  • Covering Tracks
  • Penetration Testing

Module 07: Malware Threats

  • Malware Concepts
  • Trojan Concepts
  • Virus and Worm Concepts
  • Malware Analysis
  • Countermeasures
  • Anti-Malware Software
  • Malware Penetration Testing

Module 08: Sniffing

  • Sniffing Concepts
  • Sniffing Technique: MAC Attacks
  • Sniffing Technique: DHCP Attacks
  • Sniffing Technique: ARP Poisoning
  • Sniffing Technique: Spoofing Attacks
  • Sniffing Technique: DNS Poisoning
  • Sniffing Tools
  • Countermeasures
  • Sniffing Detection Techniques
  • Sniffing Pen Testing

Module 09: Social Engineering

  • Social Engineering Concepts
  • Social Engineering Techniques
  • Insider Threats
  • Impersonation on Social Networking Sites
  • Identity Theft
  • Social Engineering Pen Testing

Module 10: Denial-of-Service

  • DoS/DDoS Concepts
  • DoS/DDoS Attack Techniques
  • Botnets
  • DDoS Case Study
  • DoS/DDoS Attack Tools
  • Countermeasures
  • DoS/DDoS Protection Tools
  • DoS/DDoS Penetration Testing

Module 11: Session Hijacking

  • Session Hijacking Concepts
  • Application Level Session Hijacking
  • Network Level Session Hijacking
  • Session Hijacking Tools
  • Countermeasures
  • Penetration Testing

Module 12: Evading IDS, Firewalls, and Honeypots

  • IDS, Firewall and Honeypot Concepts
  • IDS, Firewall and Honeypot Solutions
  • Evading IDS
  • Evading Firewalls
  • IDS/Firewall Evading Tools
  • Detecting Honeypots
  • IDS/Firewall Evasion Countermeasures
  • Penetration Testing

Module 13: Hacking Web Servers

  • Web Server Concepts
  • Web Server Attacks
  • Web Server Attack Methodology
  • Web Server Attack Tools
  • Countermeasures
  • Patch Management
  • Web Server Security Tools
  • Web Server Pen Testing

Module 14: Hacking Web Applications

  • Web App Concepts
  • Web App Threats
  • Hacking Methodology
  • Web App Hacking Tools
  • Countermeasures
  • Web App Security Testing Tools
  • Web App Pen Testing

Module 15: SQL Injection

  • SQL Injection Concepts
  • Types of SQL Injection
  • SQL Injection Methodology
  • SQL Injection Tools
  • Evasion Techniques
  • Countermeasures

Module 16: Hacking Wireless Networks

  • Wireless Concepts
  • Wireless Encryption
  • Wireless Threats
  • Wireless Hacking Methodology
  • Wireless Hacking Tools
  • Bluetooth Hacking
  • Countermeasures
  • Wireless Security Tools
  • Wireless Pen Testing

Module 17: Hacking Mobile Platforms

  • Mobile Platform Attack Vectors
  • Hacking Android OS
  • Hacking iOS
  • Mobile Spyware
  • Mobile Device Management
  • Mobile Security Guidelines and Tools
  • Mobile Pen Testing

Module 18: IoT Hacking

  • IoT Concepts
  • IoT Attacks
  • IoT Hacking Methodology
  • IoT Hacking Tools
  • Countermeasures

Module 19: Cloud Computing

  • Cloud Computing Concepts
  • Cloud Computing Threats
  • Cloud Computing Attacks
  • Cloud Security
  • Cloud Security Tools
  • Cloud Penetration Testing

Module 20: Cryptography

  • Cryptography Concepts
  • Encryption Algorithms
  • Cryptography Tools
  • Public Key Infrastructure (PKI)
  • Email Encryption
  • Disk Encryption
  • Cryptanalysis
  • Countermeasures

Ziele

Dieses Training bietet Teilnehmern ein lernorientiertes, interaktives Umfeld, bei dem Scannen, Testen, Hacken und Schützen der eigenen Systeme vermittelt wird. Alle Teilnehmer erhalten eingehende Kenntnisse und praktische Erfahrungen mit aktuellen Sicherheitssystemen. Das Certified Ethical Hacker Training dient als Grundlage der aufbauenden Ausbildung zum Licensed Penetration Tester (LPT).

Der CEHv10 Kurs wird von einem zertifizierten EC-Council Trainer durchgeführt.

Zielgruppe

  • Fach- und Führungskräfte aus der IT-Sicherheit
  • IT-Auditoren
  • IT-Sicherheitsberater
  • Systemadministratoren und Netzwerktechniker
  • Fach- und Führungskräfte aus dem Support, insbesondere 3rd Level Support

Voraussetzungen

  • Serverkenntnisse Windows, sowie Linuxkenntnisse
  • Grundkenntnisse Netzwerk sowie zum TCP/IP Protokoll
  • Vorkenntnisse im Bereich Security sind optional aber von Vorteil

Agenda

Module 01: Introduction to Ethical Hacking

  • Information Security Overview
  • Information Security Threats and Attack Vectors
  • Hacking Concepts
  • Ethical Hacking Concepts
  • Information Security Controls
  • Penetration Testing Concepts
  • Information Security Laws and Standards

Module 02: Footprinting and Reconnaissance

  • Footprinting Concepts
  • Footprinting through Search Engines
  • Footprinting through Web Services
  • Footprinting through Social Networking Sites
  • Website Footprinting
  • Email Footprinting
  • Competitive Intelligence
  • Whois Footprinting
  • DNS Footprinting
  • Network Footprinting
  • Footprinting through Social Engineering
  • Footprinting Tools
  • Countermeasures
  • Footprinting Pen Testing

Module 03: Scanning Networks

  • Network Scanning Concepts
  • Scanning Tools
  • Scanning Techniques
  • Scanning Beyond IDS and Firewall
  • Banner Grabbing
  • Draw Network Diagrams
  • Scanning Pen Testing

Module 04: Enumeration

  • Enumeration Concepts
  • NetBIOS Enumeration
  • SNMP Enumeration
  • LDAP Enumeration
  • NTP Enumeration
  • SMTP and DNS Enumeration
  • Other Enumeration Techniques
  • Enumeration Countermeasures
  • Enumeration Pen Testing

Module 05: Vulnerability Analysis

  • Vulnerability Assessment Concepts
  • Vulnerability Assessment Solutions
  • Vulnerability Scoring Systems
  • Vulnerability Assessment Tools
  • Vulnerability Assessment Reports
  • Module 06: System Hacking
  • System Hacking Concepts
  • Cracking Passwords
  • Escalating Privileges
  • Executing Applications
  • Hiding Files
  • Covering Tracks
  • Penetration Testing

Module 06: System Hacking

  • System Hacking Concepts
  • Cracking Passwords
  • Escalating Privileges
  • Executing Applications
  • Hiding Files
  • Covering Tracks
  • Penetration Testing

Module 07: Malware Threats

  • Malware Concepts
  • Trojan Concepts
  • Virus and Worm Concepts
  • Malware Analysis
  • Countermeasures
  • Anti-Malware Software
  • Malware Penetration Testing

Module 08: Sniffing

  • Sniffing Concepts
  • Sniffing Technique: MAC Attacks
  • Sniffing Technique: DHCP Attacks
  • Sniffing Technique: ARP Poisoning
  • Sniffing Technique: Spoofing Attacks
  • Sniffing Technique: DNS Poisoning
  • Sniffing Tools
  • Countermeasures
  • Sniffing Detection Techniques
  • Sniffing Pen Testing

Module 09: Social Engineering

  • Social Engineering Concepts
  • Social Engineering Techniques
  • Insider Threats
  • Impersonation on Social Networking Sites
  • Identity Theft
  • Social Engineering Pen Testing

Module 10: Denial-of-Service

  • DoS/DDoS Concepts
  • DoS/DDoS Attack Techniques
  • Botnets
  • DDoS Case Study
  • DoS/DDoS Attack Tools
  • Countermeasures
  • DoS/DDoS Protection Tools
  • DoS/DDoS Penetration Testing

Module 11: Session Hijacking

  • Session Hijacking Concepts
  • Application Level Session Hijacking
  • Network Level Session Hijacking
  • Session Hijacking Tools
  • Countermeasures
  • Penetration Testing

Module 12: Evading IDS, Firewalls, and Honeypots

  • IDS, Firewall and Honeypot Concepts
  • IDS, Firewall and Honeypot Solutions
  • Evading IDS
  • Evading Firewalls
  • IDS/Firewall Evading Tools
  • Detecting Honeypots
  • IDS/Firewall Evasion Countermeasures
  • Penetration Testing

Module 13: Hacking Web Servers

  • Web Server Concepts
  • Web Server Attacks
  • Web Server Attack Methodology
  • Web Server Attack Tools
  • Countermeasures
  • Patch Management
  • Web Server Security Tools
  • Web Server Pen Testing

Module 14: Hacking Web Applications

  • Web App Concepts
  • Web App Threats
  • Hacking Methodology
  • Web App Hacking Tools
  • Countermeasures
  • Web App Security Testing Tools
  • Web App Pen Testing

Module 15: SQL Injection

  • SQL Injection Concepts
  • Types of SQL Injection
  • SQL Injection Methodology
  • SQL Injection Tools
  • Evasion Techniques
  • Countermeasures

Module 16: Hacking Wireless Networks

  • Wireless Concepts
  • Wireless Encryption
  • Wireless Threats
  • Wireless Hacking Methodology
  • Wireless Hacking Tools
  • Bluetooth Hacking
  • Countermeasures
  • Wireless Security Tools
  • Wireless Pen Testing

Module 17: Hacking Mobile Platforms

  • Mobile Platform Attack Vectors
  • Hacking Android OS
  • Hacking iOS
  • Mobile Spyware
  • Mobile Device Management
  • Mobile Security Guidelines and Tools
  • Mobile Pen Testing

Module 18: IoT Hacking

  • IoT Concepts
  • IoT Attacks
  • IoT Hacking Methodology
  • IoT Hacking Tools
  • Countermeasures

Module 19: Cloud Computing

  • Cloud Computing Concepts
  • Cloud Computing Threats
  • Cloud Computing Attacks
  • Cloud Security
  • Cloud Security Tools
  • Cloud Penetration Testing

Module 20: Cryptography

  • Cryptography Concepts
  • Encryption Algorithms
  • Cryptography Tools
  • Public Key Infrastructure (PKI)
  • Email Encryption
  • Disk Encryption
  • Cryptanalysis
  • Countermeasures

Tags