EC-Council - CEH-v11 Certified Ethical Hacker v11
Classroom Schulung | Deutsch | Anspruch
Schulungsdauer: 5 Tage
Ziele
Dieses CEH v11 Training bietet Teilnehmern ein lernorientiertes, interaktives Umfeld, bei dem Scannen, Testen, Hacken und Schützen der eigenen Systeme vermittelt wird. Alle Teilnehmer erhalten eingehende Kenntnisse und praktische Erfahrungen mit aktuellen Sicherheitssystemen. Das Certified Ethical Hacker Training dient als Grundlage der aufbauenden Ausbildung zum Licensed Penetration Tester (LPT).
Der CEHv11 Kurs wird von einem zertifizierten und erfahrenen EC-Council Trainer durchgeführt.
Zielgruppe
Systemadministratoren und Netzwerkadministratoren
Fachleute / Beauftragte für Informationssicherheit
Risiko- / Bedrohungs- / Sicherheitslücken-Analyst
Fach- und Führungskräfte aus der IT-Sicherheit
IT-Auditoren
IT-Sicherheitsberater
Voraussetzungen
Serverkenntnisse Windows, sowie Linuxkenntnisse
Grundkenntnisse Netzwerk sowie zum TCP/IP Protokoll
Vorkenntnisse im Bereich Security sind optional aber von Vorteil
Agenda
Module 01: Introduction to Ethical Hacking
- Information Security Overview
- Cyber Kill Chain Concepts
- Hacking Concepts
- Ethical Hacking Concepts
- Information Security Controls
- Information Security Laws and Standards
Module 02: Footprinting and Reconnaissance
- Footprinting Concepts
- Footprinting through Search Engines
- Footprinting through Web Services
- Footprinting through Social Networking Sites
- Website Footprinting
- Email Footprinting
- Whois Footprinting
- DNS Footprinting
- Network Footprinting
- Footprinting through Social Engineering
- Footprinting Tools
- Footprinting Countermeasures
Module 03: Scanning Networks
- Network Scanning
- Scanning Tools
- Host Discovery
- Port and Service Discovery
- OS Discovery (Banner Grabbing/OS Fingerprinting)
- Scanning Beyond IDS and Firewall
- Draw Network Diagrams
Module 04: Enumeration
- Enumeration Concepts
- NetBIOS Enumeration
- SNMP Enumeration
- LDAP Enumeration
- NTP and NFS Enumeration
- SMTP and DNS Enumeration
- Other Enumeration Techniques
- Enumeration Countermeasures
Module 05: Vulnerability Analysis
- Vulnerability Assessment Concepts
- Vulnerability Classification and Assessment Types
- Vulnerability Assessment Solutions and Tools
- Vulnerability Assessment Reports
Module 06: System Hacking
- System Hacking Concepts
- Gaining Access
- Escalating Privileges
- Maintaining Access
- Clearing Logs
Module 07: Malware Threats
- Malware Concepts
- APT Concepts
- Trojan Concepts
- Virus and Worm Concepts
- Fileless Malware Concepts
- Malware Analysis
- Countermeasures
- Anti-Malware Software
Module 08: Sniffing
- Sniffing Concepts
- Sniffing Technique: MAC Attacks
- Sniffing Technique: DHCP Attacks
- Sniffing Technique: ARP Poisoning
- Sniffing Technique: Spoofing Attacks
- Sniffing Technique: DNS Poisoning
- Sniffing Tools
- Countermeasures
- Sniffing Detection Techniques
Module 09: Social Engineering
- Social Engineering Concepts
- Social Engineering Techniques
- Insider Threats
- Impersonation on Social Networking Sites
- Identity Theft
- Countermeasures
Module 10: Denial-of-Service
- DoS/DDoS Attack Techniques
- Botnets
- DDoS Case Study
- DoS/DDoS Attack Tools
- Countermeasures
- DoS/DDoS Protection Tools
Module 11: Session Hijacking
- Session Hijacking Concepts
- Application Level Session Hijacking
- Network Level Session Hijacking
- Session Hijacking Tools
- Countermeasures
Module 12: Evading IDS, Firewalls, and Honeypots
- IDS, IPS, Firewall, and Honeypot Concepts
- IDS, IPS, Firewall, and Honeypot Solutions
- Evading IDS
- Evading Firewalls
- IDS/Firewall Evading Tools
- Detecting Honeypots
- IDS/Firewall Evasion Countermeasures
Module 13: Hacking Web Servers
- Web Server Concepts
- Web Server Attacks
- Web Server Attack Methodology
- Web Server Attack Tools
- Countermeasures
- Patch Management
- Web Server Security Tools
Module 14: Hacking Web Applications
- Web Application Concepts
- Web Application Threats
- Web Application Hacking Methodology
- Web API, Webhooks, and Web Shell
- Web Application Security
Module 15: SQL Injection
- SQL Injection Concepts
- Types of SQL Injection
- SQL Injection Methodology
- SQL Injection Tools
- Evasion Techniques
- Countermeasures
Module 16: Hacking Wireless Networks
- Wireless Concepts
- Wireless Encryption
- Wireless Threats
- Wireless Hacking Methodology
- Wireless Hacking Tools
- Bluetooth Hacking
- Countermeasures
- Wireless Security Tools
Module 17: Hacking Mobile Platforms
- Mobile Platform Attack Vectors
- Hacking Android OS
- Hacking iOS
- Mobile Device Management
- Mobile Security Guidelines and Tools
Module 18: IoT and OT Hacking
- IoT Hacking IoT Concepts
- IoT Attacks
- IoT Hacking Methodology
- IoT Hacking Tools
- Countermeasures
- OT Hacking OT Concepts
- OT Attacks
- OT Hacking Methodology
- OT Hacking Tools
- Countermeasures
Module 19: Cloud Computing
- Cloud Computing Concepts
- Container Technology
- Serverless Computing
- Cloud Computing Threats
- Cloud Hacking
- Cloud Security
Module 20: Cryptography
- Cryptography Concepts
- Encryption Algorithms
- Cryptography Tools
- Public Key Infrastructure (PKI)
- Email Encryption
- Disk Encryption
- Cryptanalysis
- Countermeasures
Ziele
Dieses CEH v11 Training bietet Teilnehmern ein lernorientiertes, interaktives Umfeld, bei dem Scannen, Testen, Hacken und Schützen der eigenen Systeme vermittelt wird. Alle Teilnehmer erhalten eingehende Kenntnisse und praktische Erfahrungen mit aktuellen Sicherheitssystemen. Das Certified Ethical Hacker Training dient als Grundlage der aufbauenden Ausbildung zum Licensed Penetration Tester (LPT).
Der CEHv11 Kurs wird von einem zertifizierten und erfahrenen EC-Council Trainer durchgeführt.
Zielgruppe
Systemadministratoren und Netzwerkadministratoren
Fachleute / Beauftragte für Informationssicherheit
Risiko- / Bedrohungs- / Sicherheitslücken-Analyst
Fach- und Führungskräfte aus der IT-Sicherheit
IT-Auditoren
IT-Sicherheitsberater
Voraussetzungen
Serverkenntnisse Windows, sowie Linuxkenntnisse
Grundkenntnisse Netzwerk sowie zum TCP/IP Protokoll
Vorkenntnisse im Bereich Security sind optional aber von Vorteil
Agenda
Module 01: Introduction to Ethical Hacking
- Information Security Overview
- Cyber Kill Chain Concepts
- Hacking Concepts
- Ethical Hacking Concepts
- Information Security Controls
- Information Security Laws and Standards
Module 02: Footprinting and Reconnaissance
- Footprinting Concepts
- Footprinting through Search Engines
- Footprinting through Web Services
- Footprinting through Social Networking Sites
- Website Footprinting
- Email Footprinting
- Whois Footprinting
- DNS Footprinting
- Network Footprinting
- Footprinting through Social Engineering
- Footprinting Tools
- Footprinting Countermeasures
Module 03: Scanning Networks
- Network Scanning
- Scanning Tools
- Host Discovery
- Port and Service Discovery
- OS Discovery (Banner Grabbing/OS Fingerprinting)
- Scanning Beyond IDS and Firewall
- Draw Network Diagrams
Module 04: Enumeration
- Enumeration Concepts
- NetBIOS Enumeration
- SNMP Enumeration
- LDAP Enumeration
- NTP and NFS Enumeration
- SMTP and DNS Enumeration
- Other Enumeration Techniques
- Enumeration Countermeasures
Module 05: Vulnerability Analysis
- Vulnerability Assessment Concepts
- Vulnerability Classification and Assessment Types
- Vulnerability Assessment Solutions and Tools
- Vulnerability Assessment Reports
Module 06: System Hacking
- System Hacking Concepts
- Gaining Access
- Escalating Privileges
- Maintaining Access
- Clearing Logs
Module 07: Malware Threats
- Malware Concepts
- APT Concepts
- Trojan Concepts
- Virus and Worm Concepts
- Fileless Malware Concepts
- Malware Analysis
- Countermeasures
- Anti-Malware Software
Module 08: Sniffing
- Sniffing Concepts
- Sniffing Technique: MAC Attacks
- Sniffing Technique: DHCP Attacks
- Sniffing Technique: ARP Poisoning
- Sniffing Technique: Spoofing Attacks
- Sniffing Technique: DNS Poisoning
- Sniffing Tools
- Countermeasures
- Sniffing Detection Techniques
Module 09: Social Engineering
- Social Engineering Concepts
- Social Engineering Techniques
- Insider Threats
- Impersonation on Social Networking Sites
- Identity Theft
- Countermeasures
Module 10: Denial-of-Service
- DoS/DDoS Attack Techniques
- Botnets
- DDoS Case Study
- DoS/DDoS Attack Tools
- Countermeasures
- DoS/DDoS Protection Tools
Module 11: Session Hijacking
- Session Hijacking Concepts
- Application Level Session Hijacking
- Network Level Session Hijacking
- Session Hijacking Tools
- Countermeasures
Module 12: Evading IDS, Firewalls, and Honeypots
- IDS, IPS, Firewall, and Honeypot Concepts
- IDS, IPS, Firewall, and Honeypot Solutions
- Evading IDS
- Evading Firewalls
- IDS/Firewall Evading Tools
- Detecting Honeypots
- IDS/Firewall Evasion Countermeasures
Module 13: Hacking Web Servers
- Web Server Concepts
- Web Server Attacks
- Web Server Attack Methodology
- Web Server Attack Tools
- Countermeasures
- Patch Management
- Web Server Security Tools
Module 14: Hacking Web Applications
- Web Application Concepts
- Web Application Threats
- Web Application Hacking Methodology
- Web API, Webhooks, and Web Shell
- Web Application Security
Module 15: SQL Injection
- SQL Injection Concepts
- Types of SQL Injection
- SQL Injection Methodology
- SQL Injection Tools
- Evasion Techniques
- Countermeasures
Module 16: Hacking Wireless Networks
- Wireless Concepts
- Wireless Encryption
- Wireless Threats
- Wireless Hacking Methodology
- Wireless Hacking Tools
- Bluetooth Hacking
- Countermeasures
- Wireless Security Tools
Module 17: Hacking Mobile Platforms
- Mobile Platform Attack Vectors
- Hacking Android OS
- Hacking iOS
- Mobile Device Management
- Mobile Security Guidelines and Tools
Module 18: IoT and OT Hacking
- IoT Hacking IoT Concepts
- IoT Attacks
- IoT Hacking Methodology
- IoT Hacking Tools
- Countermeasures
- OT Hacking OT Concepts
- OT Attacks
- OT Hacking Methodology
- OT Hacking Tools
- Countermeasures
Module 19: Cloud Computing
- Cloud Computing Concepts
- Container Technology
- Serverless Computing
- Cloud Computing Threats
- Cloud Hacking
- Cloud Security
Module 20: Cryptography
- Cryptography Concepts
- Encryption Algorithms
- Cryptography Tools
- Public Key Infrastructure (PKI)
- Email Encryption
- Disk Encryption
- Cryptanalysis
- Countermeasures
Zu diesem Lerninhalt werden folgende Lerngruppen angeboten
- Certified Ethical Hacker / v10/v11/v12 (CEH) - Lerngruppe