Ethical Hacking & Countermeasures Training Course - In Wembley HA9

This 5-day class will immerse you into an interactive environment where you'll be shown how to scan, test, hack and secure your own systems.

Available dates

15 - 19 Sep 2008 20 - 24 Oct 2008

17 - 21 Nov 2008 15 -19 Dec 2008

Who is this course suitable for?

This Wembley based certification will significantly benefit

• Security Officers
• Auditors
• Security Professionals
• Site Administrators
• Anyone concerned about the integrity of the network infrastructure.

What does this course cover?

The lab intensive environment gives in-depth knowledge and practical experience with the current essential security systems. You will begin by understanding how perimeter defences work and then be lead into scanning and attacking your own networks, no real network is harmed.

You then learn how intruders escalate privileges and what steps can be taken to secure a system. You'll also learn about Intrusion Detection, Policy Creation, Social Engineering, DDoS Attacks, Buffer Overflows and Virus Creation. When you leave this intensive 5-day class you will have hands on understanding and experience in Ethical Hacking and Countermeasures.

It prepares you to sit the Prometric examination Ethical Hacking and Countermeasures.

On successful completion of this examination you will be awarded the Certified Ethical Hacker certification awarded by the EC-Council (The International Council of Electronic Commerce Consultants).

Ethics and Legality

• What Ethical Hackers do
• Skill Profile of an Ethical Hacker
• Modes of Ethical Hacking
• Security Testing

• Defining Footprinting
• Information Gathering Methodology
• Locate the Network Range
• Hacking Tools

• Definition of Scanning
• Types of scanning
• Objectives of Scanning
• Scanning Methodology
• Classification of Scanning
• Hacking Tools

• What is Enumeration?
• NetBios Null Sessions
• Hacking Tools

• Administrator Password Guessing
• Manual Password Cracking Algorithm

• Effect on Business
• What is a Trojan?
• Overt and Covert Channels

• Man-in-the-Middle Attacks
• Spoofing and Sniffing Attacks
• ARP Poisoning and countermeasures
• Sniffing Countermeasures

• Reflected DOS Attacks
• Reflection of the Exploit
• Countermeasures for Reflected DoS
• Tools for Detecting DDOS Attacks

• Social Engineering

• Types of Session Hijacking
• TCP Concepts 3 Way Handshake
• Countermeasures: IP Security

• ispc.exe
• Microsoft IIS 5.0 - 5.1 remote denial of service Exploit Tool
• Microsoft Frontpage Server Extensions fp30reg.dll Exploit Tool
• GDI+ JPEG Remote Exploit Tool
• Windows Task Scheduler Exploit Tool
• Microsoft Windows POSIX Subsystem Local Privilege Escalation Exploit Tool

• Web Application Set-up
• Carnivore
• Google Hacking

• Attacks- Classification
• Password Guessing
• Query String
• Cookies
• Dictionary Maker
• Password Crackers Available

• Attacking SQL Servers

• Business and Wireless Attacks
• Access Point Positioning
• Tools to Generate Rogue Access Points
• What is Wireless Equivalent Privacy (WEP)?

Virus and Worms

• Virus Characteristics
• Symptoms of ‘viruslike’ attack
• What is a Virus Hoax?
• Terminologies
• How is a worm different from virus?
• Indications of a Virus Attack
• Virus History
• Virus damage
• Effect of Virus on Business
• Access Methods of a Virus
• Mode of Virus Infection
• Life Cycle of a virus

• Security statistics
• Physical Security breach incidents
• What is the need of Physical Security?
• Who is Accountable for Physical Security?

• Linux Vulnerabilities in 2003
• How to apply patches to vulnerable programs
• Scanning Networks
• Scanning Tool: Nessus
• Cheops
• LIDS (Linux Intrusion Detection System)
• Password cracking in Linux.
• Password cracking tools
• Linux Encryption Tools:

• Intrusion Detection Systems
• Ways to Detect Intrusion
• Types of Intrusion Detection System
• Intrusion Detection Tools
• Steps to perform after an IDS detects an intrusion
• Evading IDS systems
• Tools to Evade IDS

• Significance of Buffer Overflow Vulnerability
• Why are Programs/Applications Vulnerable?
• Buffer Overflows
• Reasons for Buffer Overflow Attacks
• How a Buffer Overflow occurs?
• Understanding Stacks
• Stack Implementation
• Stack based buffer overflow
• Shellcode
• Heap Based bufferoverflow

• Cryptography

• Need for a Methodology
• Penetration Test vs. Vulnerability Test
• Reliance on Checklists and Templates
• Pen-Test Using Cerberus Internet Scanner
• Pen-Test Using CyberCop Scanner
• Pen-Test Using Foundscan
• Pen-Test Using Nessus
• Pen-Test Using NetRecon
• Pen-Test Using Retina
• Pen-Test Using SAINT
• Pen-Test Using SecureNET
• Pen-Test Using SecureScan
• Pen-Test Using SATAN, SARA and Security Analyzer
• Pen-Test Using STAT Analyzer
• Pen-Test Using Twwscan

Are there entry requirements?

What's included?

Our package includes lunch and refreshments, and full course materials. 

 

Although the course is non-residential, we offer help finding appropriate hotels, close to the training venue.  To take advantage of this offer, drop us an email after you book your course.

How to book?

There are three ways to book your course, either online, via fax, or telephone:

• To book via telephone just call us on 0845 070 1750, and we’ll take of the details.
• To book via fax download our booking form, complete it and fax to us on +44 (0) 1353 662667.
• To book online simply enter the number of delegates you wish to send into the “Quantity” and select the course date from the drop down menu and click “Order now”.

We can also accept purchase orders from local authorities, government departments, and other public sector organisations and will consider account facilities for large corporate customers, follow this link to our payment options page for more information.

 

All bookings are subject to our terms and conditions.

 

Read what others have said about our training courses

RELATED PRODUCTS

To write review for this product Click here