9 Ethical Hacking courses delivered Live Online

Duration 5 Days 30 CPD hours This course is intended for The Certified Ethical Hacking v12 course will significantly benefit security officers, auditors, security professionals, site administrators, and anyone who is concerned about the integrity of the network infrastructure. Overview Information security controls, laws, and standards. Various types of footprinting, footprinting tools, and countermeasures. Network scanning techniques and scanning countermeasures Enumeration techniques and enumeration countermeasures Vulnerability analysis to identify security loopholes in the target organization?s network, communication infrastructure, and end systems. System hacking methodology, steganography, steganalysis attacks, and covering tracks to discover system and network vulnerabilities. Different types of malware (Trojan, Virus, worms, etc.), system auditing for malware attacks, malware analysis, and countermeasures. Packet sniffing techniques to discover network vulnerabilities and countermeasures to defend against sniffing. Social engineering techniques and how to identify theft attacks to audit human-level vulnerabilities and social engineering countermeasures. DoS/DDoS attack techniques and tools to audit a target and DoS/DDoS countermeasures. Session hijacking techniques to discover network-level session management, authentication/authorization, and cryptographic weaknesses and countermeasures. Webserver attacks and a comprehensive attack methodology to audit vulnerabilities in webserver infrastructure, and countermeasures. Web application attacks, comprehensive web application hacking methodology to audit vulnerabilities in web applications, and countermeasures. SQL injection attack techniques, injection detection tools to detect SQL injection attempts, and countermeasures. Wireless encryption, wireless hacking methodology, wireless hacking tools, and Wi-Fi security tools. Mobile platform attack vector, android vulnerability exploitations, and mobile security guidelines and tools. Firewall, IDS and honeypot evasion techniques, evasion tools and techniques to audit a network perimeter for weaknesses, and countermeasures. Cloud computing concepts (Container technology, serverless computing), the working of various threats and attacks, and security techniques and tools. Penetration testing, security audit, vulnerability assessment, and penetration testing roadmap. Threats to IoT and OT platforms and defending IoT and OT devices. Cryptography ciphers, Public Key Infrastructure (PKI), cryptography attacks, and cryptanalysis tools. CEH provides an in-depth understanding of ethical hacking phases, various attack vectors, and preventative countermeasures. It will teach you how hackers think and act maliciously so you will be better positioned to setup your security infrastructure and defend against future attacks. An understanding of system weaknesses and vulnerabilities helps organizations strengthen their system security controls to minimize the risk of an incident. CEH was built to incorporate a hands-on environment and systematic process across each ethical hacking domain and methodology, giving you the opportunity to work towards proving the required knowledge and skills needed to achieve the CEH credential. You will be exposed to an entirely different posture toward the responsibilities and measures required to be secure. Now in its 12th version, CEH continues to evolve with the latest operating systems, tools, tactics, exploits, and technologies. 1 - INTRODUCTION TO ETHICAL HACKING * Information Security Overview * Cyber Kill Chain Concepts * Hacking Concepts * Ethical Hacking Concepts * Information Security Controls * Information Security Laws and Standards 2 - 2 - FOOT-PRINTING AND RECONNAISSANCE * Footprinting Concepts * Footprinting through Search Engines * Footprinting through Web Services * Footprinting through Social Networking Sites * Website Footprinting * Email Footprinting * Who is Footprinting * DNS Footprinting * Network Footprinting * Footprinting through Social Engineering * Footprinting Tools * Footprinting Countermeasures 3 - SCANNING NETWORKS * Network Scanning Concepts * Scanning Tools * Host Discovery * Port and Service Discovery * OS Discovery (Banner Grabbing/OS Fingerprinting) * Scanning Beyond IDS and Firewall * Draw Network Diagrams 4 - ENUMERATION * Enumeration Concepts * NetBIOS Enumeration * SNMP Enumeration * LDAP Enumeration * NTP and NFS Enumeration * SMTP and DNS Enumeration * Other Enumeration Techniques * Enumeration Countermeasures 5 - VULNERABILITY ANALYSIS * Vulnerability Assessment Concepts * Vulnerability Classification and Assessment Types * Vulnerability Assessment Solutions and Tools * Vulnerability Assessment Reports 6 - SYSTEM HACKING * System Hacking Concepts * Gaining Access * Escalating Privileges * Maintaining Access * Clearing Logs 7 - MALWARE THREATS * Malware Concepts * APT Concepts * Trojan Concepts * Virus and Worm Concepts * Fileless Malware Concepts * Malware Analysis * Countermeasures * Anti-Malware Software 8 - SNIFFING * Sniffing Concepts * Sniffing Technique: MAC Attacks * Sniffing Technique: DHCP Attacks * Sniffing Technique: ARP Poisoning * Sniffing Technique: Spoofing Attacks * Sniffing Technique: DNS Poisoning * Sniffing Tools * Countermeasures * Sniffing Detection Techniques 9 - SOCIAL ENGINEERING * Social Engineering Concepts * Social Engineering Techniques * Insider Threats * Impersonation on Social Networking Sites * Identity Theft * Countermeasures 10 - DENIAL-OF-SERVICE * DoS/DDoS Concepts * DoS/DDoS Attack Techniques * BotnetsDDoS Case Study * DoS/DDoS Attack Tools * Countermeasures * DoS/DDoS Protection Tools 11 - SESSION HIJACKING * Session Hijacking Concepts * Application Level Session Hijacking * Network Level Session Hijacking * Session Hijacking Tools * Countermeasures 12 - EVADING IDS, FIREWALLS, AND HONEYPOTS * IDS, IPS, Firewall, and Honeypot Concepts * IDS, IPS, Firewall, and Honeypot Solutions * Evading IDS * Evading Firewalls * IDS/Firewall Evading Tools * Detecting Honeypots * IDS/Firewall Evasion Countermeasures 13 - HACKING WEB SERVERS * Web Server Concepts * Web Server Attacks * Web Server Attack Methodology * Web Server Attack Tools * Countermeasures * Patch Management * Web Server Security Tools 14 - HACKING WEB APPLICATIONS * Web Application Concepts * Web Application Threats * Web Application Hacking Methodology * Web API, Webhooks, and Web Shell * Web Application Security 15 - SQL INJECTION * SQL Injection Concepts * Types of SQL Injection * SQL Injection Methodology * SQL Injection Tools * Evasion Techniques * Countermeasures 16 - HACKING WIRELESS NETWORKS * Wireless Concepts * Wireless Encryption * Wireless Threats * Wireless Hacking Methodology * Wireless Hacking Tools * Bluetooth Hacking * Countermeasures * Wireless Security Tools 17 - HACKING MOBILE PLATFORMS * Mobile Platform Attack Vectors * Hacking Android OS * Hacking iOS * Mobile Device Management * Mobile Security Guidelines and Tools 18 - IOT AND OT HACKING * IoT Hacking * IoT Concepts * IoT Attacks * IoT Hacking Methodology * IoT Hacking Tools * Countermeasures * OT Hacking * OT Concepts * OT Attacks * OT Hacking Methodology * OT Hacking Tools * Countermeasures 19 - CLOUD COMPUTING * Cloud Computing Concepts * Container Technology * Serverless Computing * Cloud Computing Threats * Cloud Hacking * Cloud Security 20 - CRYPTOGRAPHY * Cryptography Concepts * Encryption Algorithms * Cryptography Tools * Public Key Infrastructure (PKI) * Email Encryption * Disk Encryption * Cryptanalysis * Countermeasures ADDITIONAL COURSE DETAILS: Nexus Humans EC-Council Certified Ethical Hacker (CEH) v.12 training program is a workshop that presents an invigorating mix of sessions, lessons, and masterclasses meticulously crafted to propel your learning expedition forward. This immersive bootcamp-style experience boasts interactive lectures, hands-on labs, and collaborative hackathons, all strategically designed to fortify fundamental concepts. Guided by seasoned coaches, each session offers priceless insights and practical skills crucial for honing your expertise. Whether you're stepping into the realm of professional skills or a seasoned professional, this comprehensive course ensures you're equipped with the knowledge and prowess necessary for success. While we feel this is the best course for the EC-Council Certified Ethical Hacker (CEH) v.12 course and one of our Top 10 we encourage you to read the course outline to make sure it is the right content for you. Additionally, private sessions, closed classes or dedicated events are available both live online and at our training centres in Dublin and London, as well as at your offices anywhere in the UK, Ireland or across EMEA.

Duration 5 Days 30 CPD hours This course is intended for The C|CT is ideal for anyone looking to start their career in cybersecurity or add a strong foundational understanding of the cybersecurity concepts and techniques required to be effective on the job. The course is especially well suited to: Early-career IT professionals, IT managers, career changers, and career advancers Students and recent graduates Overview After completing this course, you will understand: Key concepts in cybersecurity, including information security and network security Information security threats, vulnerabilities, and attacks The different types of malware Identification, authentication, and authorization Network security controls Network security assessment techniques and tools (threat hunting, threat intelligence, vulnerability assessment, ethical hacking, penetration testing, configuration and asset management) Application security design and testing techniques Fundamentals of virtualization, cloud computing, and cloud security Wireless network fundamentals, wireless encryption, and related security measures Fundamentals of mobile, IoT, and OT devices and related security measures Cryptography and public-key infrastructure Data security controls, data backup and retention methods, and data loss prevention techniques Network troubleshooting, traffic and log monitoring, and analysis of suspicious traffic The incident handling and response process Computer forensics and digital evidence fundamentals, including the phases of a forensic investigation Concepts in business continuity and disaster recovery Risk management concepts, phases, and frameworks EC-Council?s C|CT certification immerses students in well-constructed knowledge transfer. Training is accompanied by critical thinking challenges and immersive lab experiences that allow candidates to apply their knowledge and move into the skill development phase in the class itself. Upon completing the program, C|CT-certified professionals will have a strong foundation in cybersecurity principles and techniques as well as hands-on exposure to the tasks required in real-world jobs. COURSE OUTLINE * Information Security Threats and Vulnerabilities * Information Security Attacks * Network Security Fundamentals * Identification, Authentication, and Authorization * Network Security Controls: Administrative Controls * Network Security Controls: Physical Controls * Network Security Controls: Technical Controls * Network Security Assessment Techniques and Tools * Application Security * Virtualization and Cloud Computing * Wireless Network Security * Mobile Device Security * Internet of Things (IoT) and Operational Technology (OT) Security * Cryptography * Data Security * Network Troubleshooting * Network Traffic Monitoring * Network Log Monitoring and Analysis * Incident Response * Computer Forensics * Business Continuity and Disaster Recovery * Risk Management

Duration 5 Days 30 CPD hours This course is intended for The CHFI course will benefit: Police and other laws enforcement personnel Defense and Military personnel e-Business Security professionals Systems administrators Legal professionals Banking, Insurance and other professionals Government agencies Overview At the end of this course, you will possess the skills needed to: Understand the fundamentals of computer forensics Understand the computer forensic investigation process Describe in detail different types of hard disks and file systems Understand data acquisition and duplication Counteract anti-forensic techniques Leverage forensic skills in Windows, Linux, and Mac Investigate web attacks Understand dark web forensics Deploy forensic techniques for databases, cloud, and networks Investigate email crimes including malware Perform forensics in mobile and IoT environments Every crime leaves a digital footprint, and you need the skills to track those footprints. In this course, students will learn to unravel these pieces of evidence, decode them and report them. From decoding a hack to taking legal action against the perpetrators, they will become an active respondent in times of cyber-breaches. COMPUTER FORENSICS IN TODAY?S WORLD * 1.1. Understand the Fundamentals of Computer Forensics * 1.2. Understand Cybercrimes and their Investigation Procedures * 1.3. Understand Digital Evidence * 1.4. Understand Forensic Readiness, Incident Response and the Role of SOC (Security * Operations Center) in Computer Forensics * 1.5. Identify the Roles and Responsibilities of a Forensic Investigator * 1.6. Understand the Challenges Faced in Investigating Cybercrimes * 1.7. Understand Legal Compliance in Computer Forensics * COMPUTER FORENSICS INVESTIGATION PROCESS * 2.1. Understand the Forensic Investigation Process and its Importance * 2.2. Understand the Pre-investigation Phase * 2.3. Understand First Response * 2.4. Understand the Investigation Phase * 2.5. Understand the Post-investigation Phase * UNDERSTANDING HARD DISKS AND FILE SYSTEMS * 3.1. Describe Different Types of Disk Drives and their Characteristics * 3.2. Explain the Logical Structure of a Disk * 3.3. Understand Booting Process of Windows, Linux and Mac Operating Systems * 3.4. Understand Various File Systems of Windows, Linux and Mac Operating Systems * 3.5. Examine File System Using Autopsy and The Sleuth Kit Tools * 3.6 Understand Storage Systems * 3.7. Understand Encoding Standards and Hex Editors * 3.8. Analyze Popular File Formats Using Hex Editor * DATA ACQUISITION AND DUPLICATION * 4.1. Understand Data Acquisition Fundamentals * 4.2. Understand Data Acquisition Methodology * 4.3. Prepare an Image File for Examination * DEFEATING ANTI-FORENSICS TECHNIQUES * 5.1. Understand Anti-forensics Techniques * 5.2. Discuss Data Deletion and Recycle Bin Forensics * 5.3. Illustrate File Carving Techniques and Ways to Recover Evidence from Deleted Partitions * 5.4. Explore Password Cracking/Bypassing Techniques * 5.5. Detect Steganography, Hidden Data in File System Structures, Trail Obfuscation, and File Extension Mismatch * 5.6. Understand Techniques of Artifact Wiping, Overwritten Data/Metadata Detection, and Encryption * 5.7. Detect Program Packers and Footprint Minimizing Techniques * 5.8. Understand Anti-forensics Countermeasures * WINDOWS FORENSICS * 6.1. Collect Volatile and Non-volatile Information * 6.2. Perform Windows Memory and Registry Analysis * 6.3. Examine the Cache, Cookie and History Recorded in Web Browsers * 6.4. Examine Windows Files and Metadata * 6.5. Understand ShellBags, LNK Files, and Jump Lists * 6.6. Understand Text-based Logs and Windows Event Logs * LINUX AND MAC FORENSICS * 7.1. Understand Volatile and Non-volatile Data in Linux * 7.2. Analyze Filesystem Images Using The Sleuth Kit * 7.3. Demonstrate Memory Forensics Using Volatility & PhotoRec * 7.4. Understand Mac Forensics * * NETWORK FORENSICS * 8.1. Understand Network Forensics * 8.2. Explain Logging Fundamentals and Network Forensic Readiness * 8.3. Summarize Event Correlation Concepts * 8.4. Identify Indicators of Compromise (IoCs) from Network Logs * 8.5. Investigate Network Traffic * 8.6. Perform Incident Detection and Examination with SIEM Tools * 8.7. Monitor and Detect Wireless Network Attacks * INVESTIGATING WEB ATTACKS * 9.1. Understand Web Application Forensics * 9.2. Understand Internet Information Services (IIS) Logs * 9.3. Understand Apache Web Server Logs * 9.4. Understand the Functionality of Intrusion Detection System (IDS) * 9.5. Understand the Functionality of Web Application Firewall (WAF) * 9.6. Investigate Web Attacks on Windows-based Servers * 9.7. Detect and Investigate Various Attacks on Web Applications * DARK WEB FORENSICS * 10.1. Understand the Dark Web * 10.2. Determine How to Identify the Traces of Tor Browser during Investigation * 10.3. Perform Tor Browser Forensics * DATABASE FORENSICS * 11.1. Understand Database Forensics and its Importance * 11.2. Determine Data Storage and Database Evidence Repositories in MSSQL Server * 11.3. Collect Evidence Files on MSSQL Server * 11.4. Perform MSSQL Forensics * 11.5. Understand Internal Architecture of MySQL and Structure of Data Directory * 11.6. Understand Information Schema and List MySQL Utilities for Performing Forensic Analysis * 11.7. Perform MySQL Forensics on WordPress Web Application Database * CLOUD FORENSICS * 12.1. Understand the Basic Cloud Computing Concepts * 12.2. Understand Cloud Forensics * 12.3. Understand the Fundamentals of Amazon Web Services (AWS) * 12.4. Determine How to Investigate Security Incidents in AWS * 12.5. Understand the Fundamentals of Microsoft Azure * 12.6. Determine How to Investigate Security Incidents in Azure * 12.7. Understand Forensic Methodologies for Containers and Microservices * INVESTIGATING EMAIL CRIMES * 13.1. Understand Email Basics * 13.2. Understand Email Crime Investigation and its Steps * 13.3. U.S. Laws Against Email Crime * MALWARE FORENSICS * 14.1. Define Malware and Identify the Common Techniques Attackers Use to Spread Malware * 14.2. Understand Malware Forensics Fundamentals and Recognize Types of Malware Analysis * 14.3. Understand and Perform Static Analysis of Malware * 14.4. Analyze Suspicious Word and PDF Documents * 14.5. Understand Dynamic Malware Analysis Fundamentals and Approaches * 14.6. Analyze Malware Behavior on System Properties in Real-time * 14.7. Analyze Malware Behavior on Network in Real-time * 14.8. Describe Fileless Malware Attacks and How they Happen * 14.9. Perform Fileless Malware Analysis - Emotet * MOBILE FORENSICS * 15.1. Understand the Importance of Mobile Device Forensics * 15.2. Illustrate Architectural Layers and Boot Processes of Android and iOS Devices * 15.3. Explain the Steps Involved in Mobile Forensics Process * 15.4. Investigate Cellular Network Data * 15.5. Understand SIM File System and its Data Acquisition Method * 15.6. Illustrate Phone Locks and Discuss Rooting of Android and Jailbreaking of iOS Devices * 15.7. Perform Logical Acquisition on Android and iOS Devices * 15.8. Perform Physical Acquisition on Android and iOS Devices * 15.9. Discuss Mobile Forensics Challenges and Prepare Investigation Report * IOT FORENSICS * 16.1. Understand IoT and IoT Security Problems * 16.2. Recognize Different Types of IoT Threats * 16.3. Understand IoT Forensics * 16.4. Perform Forensics on IoT Devices *

Duration 5 Days 30 CPD hours This course is intended for IS Security Owners Security Officers Ethical Hackers Information Owners Penetration Testers System Owners and Managers Cyber Security Engineers Overview Upon completion, the Certified Professional Ethical Hacker candidate will be able to competently take the C)PEH exam. To protect an information system you need to be able to see that system through the eyes of the attacker.ÿThe Certified Professional Ethical Hackerÿcertification course is the foundational training to Mile2?s line of penetration testing courses because it teaches you to think like a hacker.ÿ Therefore, you can set up dynamic defenses to prevent intrusion. First, you will learn the value of vulnerability assessments.ÿ Then, you will discover how to use those assessments to make powerful changes in an information system?s security. Additionally, you will learn how malware and destructive viruses function and how to implement counter response and preventative measures when it comes to a network hack. COURSE INTRODUCTION * Introduction to Ethical Hacking * Linux Fundamentals * Protocols * Cryptography * Password Cracking * Malware * Security Devices * Information Gathering ? Passive Reconnaissance * Social Engineering * Active Reconnaissance * Vulnerability Assessment * Network Attacks * Hacking Servers * Hacking Web Technologies * Hacking Wireless Technologies * Maintaining Access and Covering Tracks

PENETRATION TESTING TRAINING COURSE DESCRIPTION An advanced technical hands on course focusing on hacking and counter hacking. The course revolves around a series of exercises based on "hacking" into a network (pen testing the network) and then defending against the hacks. WHAT WILL YOU LEARN * Perform penetration tests. * Explain the technical workings of various penetration tests. * Produce reports on results of penetration tests. * Defend against hackers. PENETRATION TESTING TRAINING COURSE DETAILS * Who will benefit: Technical support staff, auditors and security professionals. Staff who are responsible for network infrastructure integrity. * Prerequisites: IP Security IP VPNs * Duration 5 days PENETRATION TESTING TRAINING COURSE CONTENTS * Introduction Hacking concepts, phases, types of attacks, 'White hacking', What is penetration testing? Why use pen testing, black box vs. white box testing, equipment and tools, security lifecycles, counter hacking, pen testing reports, methodologies, legal issues. * Physical security and social engineering Testing access controls, perimeter reviews, location reviews, alarm response testing. Request testing, guided suggestions, trust testing. Social engineering concepts, techniques, counter measures, Identity theft, Impersonation on social media, Footprints through social engineering * Reconnaissance (discovery) Footprinting methodologies, concepts, threats and countermeasures, WHOIS footprinting, Gaining contacts and addresses, DNS queries, NIC queries, ICMP ping sweeping, system and server trails from the target network, information leaks, competitive intelligence. Scanning pen testing. * Gaining access Getting past passwords, password grinding, spoofed tokens, replays, remaining anonymous. * Scanning (enumeration) Gaining OS info, platform info, open port info, application info. Routes used, proxies, firewalking, Port scanning, stealth port scanning, vulnerability scanning, FIN scanning, Xmas tree scanning, Null scanning, spoofed scanning, Scanning beyond IDS. Enumeration concepts, counter measures and enumeration pen testing. * Hacking Hacking webservers, web applications, Wireless networks and mobile platforms. Concepts, threats, methodology, hacking tools and countermeasures. * Trojan, Backdoors, Sniffers, Viruses and Worms Detection, concepts, countermeasures, Pen testing Trojans, backdoors, sniffers and viruses. MAC attacks, DHCP attacks, ARP poisoning, DNS poisoning Anti-Trojan software, Malware analysis Sniffing tools. * Exploiting (testing) vulnerabilities Buffer overflows,, simple exploits, brute force methods, UNIX based, Windows based, specific application vulnerabilities. * DoS/DDoS Concepts, techniques, attack tools, Botnet, countermeasures, protection tools, DoS attack pen testing. * SQL Injection Types and testing, Blind SQL Injection, Injection tools, evasion and countermeasures. * Securing networks 'Hurdles', firewalls, DMZ, stopping port scans, IDS, Honeypots, Router testing, firewall testing, IDS testing, Buffer Overflow. * Cryptography PKI, Encryption algorithms, tools, Email and Disk Encryption. * Information security Document grinding, privacy.

OVERVIEW -------------------------------------------------------------------------------- Cyber Security plays an important role in every business as it encompasses everything that relates to protecting sensitive data, personal information, intellectual property, data, and governmental and industry information systems from theft and damage attempted by criminals and adversaries. This course is designed to understand and gain practical skills to plan, deliver and monitor IT/cyber security to internal and external clients understanding a complete, knowledge in the areas of IT policies, Security-Operational-Run-Book, security/penetration testing, ethical hacking and black hat hacking including understanding the basics of Kali Operating System and its tools and techniques. It will also cover WiFi security, Website security, human factors, cyber forensics, and cyber security team management, including all other areas in relation to Cyber Security.

This is the perfect launch pad for a technical career in Cyber Security and fully prepares every delegate for the prestigious Certified Ethical Hacking (CEH) Course that comes next on the Cyber & Hacking Learning Pathways by Nemstar.

Duration 5 Days 30 CPD hours This course is intended for ECSS is designed for anyone who wants to enhance their skills and make a career in information security, network security, and computer forensics fields. It can be IT Specialists, Network Administrators, or System Administrators. Overview Upon successful completion of this course, students will learn: Key issues plaguing the information security, network security, and computer forensics. Fundamentals of networks and various components of the OSI and TCP/IP model. Various network security protocols. Various types of information security threats and attacks, and their countermeasures. Social engineering techniques, identify theft, and social engineering countermeasures. Different stages of the hacking cycle Identification, authentication, and authorization concepts Different types of cryptography ciphers, Public Key Infrastructure (PKI), cryptography attacks, and cryptanalysis tools. Fundamentals of firewall, techniques for bypassing firewall, and firewall technologies such as Bastion Host, DMZ, Proxy Servers, Network Address Translation, Virtual Private Network, and Honeypot. Fundamentals of IDS and IDS evasion techniques. Data backup techniques and VPN security. Wireless Encryption, wireless threats, wireless hacking tools, and Wi-Fi security. Different types of web server and web application attacks, and countermeasures. Fundamentals of ethical hacking and pen testing. Incident handling and response process. Cyber-crime and computer forensics investigation methodology. Different types of digital evidence and digital evidence examination process. Different type of file systems and their comparison (based on limit and features). Gathering volatile and non-volatile information from Windows and network forensics analysis mechanism. Steganography and its techniques. Different types of log capturing, time synchronization, and log capturing tools. E-mails tracking and e-mail crimes investigation. Writing investigation report. This is an entry-level security program covering the fundamental concepts and giving a holistic overview of the key components of information security, computer forensics, and network security. COURSE OUTLINE * Information Security Fundamentals * Networking Fundamentals * Secure Network Protocols * Information Security Threats and Attacks * Social Engineering * Hacking Cycle * Identification, Authentication, and Authorization * Cryptography * Firewalls * Intrusion Detection System * Data Backup * Virtual Private Network * Wireless Network Security * Web Security * Ethical Hacking and Pen Testing * Incident Response * Computer Forensics Fundamentals * Digital Evidence * Understanding File Systems * Windows Forensics * Network Forensics and Investigating Network Traffic * Steganography * Analyzing Logs * E-mail Crime and Computer Forensics * Writing Investigative Report ADDITIONAL COURSE DETAILS: Nexus Humans EC-Council Certified Security Specialist (ECSS) training program is a workshop that presents an invigorating mix of sessions, lessons, and masterclasses meticulously crafted to propel your learning expedition forward. This immersive bootcamp-style experience boasts interactive lectures, hands-on labs, and collaborative hackathons, all strategically designed to fortify fundamental concepts. Guided by seasoned coaches, each session offers priceless insights and practical skills crucial for honing your expertise. Whether you're stepping into the realm of professional skills or a seasoned professional, this comprehensive course ensures you're equipped with the knowledge and prowess necessary for success. While we feel this is the best course for the EC-Council Certified Security Specialist (ECSS) course and one of our Top 10 we encourage you to read the course outline to make sure it is the right content for you. Additionally, private sessions, closed classes or dedicated events are available both live online and at our training centres in Dublin and London, as well as at your offices anywhere in the UK, Ireland or across EMEA.

Duration 5 Days 30 CPD hours This course is intended for This course is targeted towards the information technology (IT) professional that has a minimum 1 year IT Security and Networking experience. This course would be ideal for Information System Owners, Security Officers, Ethical Hackers, Information Owners, Penetration Testers, System Owner and Managers as well as Cyber Security Engineers. Overview Upon completion, the Certified Professional Ethical Hacker candidate will be able to competently take the CPEH exam. The CPEH certification training enables students to understand the importance of vulnerability assessments and how to implement counter response along with preventative measures when it comes to a network hack. SECURITY FUNDAMENTALS * Overview * The Growth of * Environments and Security * Our Motivation? * The Goal: Protecting Information! * CIA Triad in Detail * Approach Security Holistically * Security Definitions * Definitions Relationships * Method: Ping * The TCP/IP Stack * Which Services Use Which Ports? * TCP 3-Way Handshake * TCP Flags * Malware * Types of Malware * Types of Malware Cont... * Types of Viruses * More Malware: Spyware * Trojan Horses * Back Doors * DoS * DDoS * Packet Sniffers * Passive Sniffing * Active Sniffing * Firewalls, IDS and IPS * Firewall ? First * Line of Defense * IDS ? Second Line of Defense * IPS ? Last Line of Defense? * Firewalls * Firewall Types: * (1) Packet Filtering * Firewall Types: * (2) Proxy Firewalls * Firewall Types ? * Circuit-Level Proxy Firewall * Type of Circuit- * Level Proxy ? SOCKS * Firewall Types ? * Application-Layer Proxy * Firewall Types: (3) Stateful * Firewall Types: * (4) Dynamic Packet-Filtering * Firewall Types: * (5) Kernel Proxies * Firewall Placement * Firewall Architecture * Types ? Screened Host * Multi- or Dual-Homed * Screened Subnet * Wi-Fi Network Types * Wi-Fi Network Types * Widely Deployed Standards * Standards Comparison * 802.11n - MIMO * Overview of Database Server * Review ACCESS CONTROLS * Overview * Role of Access Control * Definitions * More Definitions * Categories of Access Controls * Physical Controls * Logical Controls * ?Soft? Controls * Security Roles * Steps to Granting Access * Access Criteria * Physical Access * Control Mechanisms * Biometric System Types * Synchronous Token * Asynchronous Token Device * Memory Cards * Smart Card * Cryptographic Keys * Logical Access Controls * OS Access Controls * Linux Access Controls * Accounts and Groups * Password & * Shadow File Formats * Accounts and Groups * Linux and UNIX Permissions * Set UID Programs * Trust Relationships * Review PROTOCOLS * Protocols Overview * OSI ? Application Layer * OSI ? Presentation Layer * OSI ? Session Layer * Transport Layer * OSI ? Network Layer * OSI ? Data Link * OSI ? Physical Layer * Protocols at * Each OSI Model Layer * TCP/IP Suite * Port and Protocol Relationship * Conceptual Use of Ports * UDP versus TCP * Protocols ? ARP * Protocols ? ICMP * Network Service ? DNS * SSH Security Protocol * SSH * Protocols ? SNMP * Protocols ? SMTP * Packet Sniffers * Example Packet Sniffers * Review CRYPTOGRAPHY * Overview * Introduction * Encryption * Cryptographic Definitions * Encryption Algorithm * Implementation * Symmetric Encryption * Symmetric Downfalls * Symmetric Algorithms * Crack Times * Asymmetric Encryption * Public Key * Cryptography Advantages * Asymmetric * Algorithm Disadvantages * Asymmetric * Algorithm Examples * Key Exchange * Symmetric versus Asymmetric * Using the * Algorithm Types Together * Instructor Demonstration * Hashing * Common Hash Algorithms * Birthday Attack * Example of a Birthday Attack * Generic Hash Demo * Instructor Demonstration * Security Issues in Hashing * Hash Collisions * MD5 Collision Creates * Rogue Certificate Authority * Hybrid Encryption * Digital Signatures * SSL/TLS * SSL Connection Setup * SSL Hybrid Encryption * SSH * IPSec - Network Layer Protection * IPSec * IPSec * Public Key Infrastructure * Quantum Cryptography * Attack Vectors * Network Attacks * More Attacks (Cryptanalysis) * Review WHY VULNERABILITY ASSESSMENTS? * Overview * What is a * Vulnerability Assessment? * Vulnerability Assessment * Benefits of a * Vulnerability Assessment * What are Vulnerabilities? * Security Vulnerability Life Cycle * Compliance and Project Scoping * The Project * Overview Statement * Project Overview Statement * Assessing Current * Network Concerns * Vulnerabilities in Networks * More Concerns * Network Vulnerability * Assessment Methodology * Network Vulnerability * Assessment Methodology * Phase I: Data Collection * Phase II: Interviews, Information Reviews, and Hands-On Investigation * Phase III: Analysis * Analysis cont. * Risk Management * Why Is Risk * Management Difficult? * Risk Analysis Objectives * Putting Together * the Team and Components * What Is the Value of an Asset? * Examples of Some Vulnerabilities that Are Not Always Obvious * Categorizing Risks * Some Examples * of Types of Losses * Different Approaches * to Analysis * Who Uses What? * Qualitative Analysis Steps * Quantitative Analysis * ALE Values Uses * ALE Example * ARO Values and Their Meaning * ALE Calculation * Can a Purely Quantitative Analysis Be Accomplished? * Comparing Cost and Benefit * Countermeasure Criteria * Calculating Cost/Benefit * Cost of a Countermeasure * Can You Get Rid of All Risk? * Management?s Response to Identified Risks * Liability of Actions * Policy Review * (Top-Down) Methodology * Definitions * Policy Types * Policies with Different Goals * Industry Best * Practice Standards * Components that Support the Security Policy * Policy Contents * When Critiquing a Policy * Technical (Bottom-Up) * Methodology * Review VULNERABILITY TOOLS OF THE TRADE * Vulnerability Scanners * Nessus * SAINT ? Sample Report * Tool: Retina * Qualys Guard * http://www.qualys.com/products/overview/ * Tool: LANguard * Microsoft Baseline Analyzer * MBSA Scan Report * Dealing with Assessment Results * Patch Management Options * Review OUTPUT ANALYSIS AND REPORTS * Overview * Staying Abreast: Security Alerts * Vulnerability Research Sites * Nessus * SAINT * SAINT Reports * GFI Languard * GFI Reports * MBSA * MBSA Reports * Review RECONNAISSANCE, ENUMERATION & SCANNING * Reconnaissance Overview * Step One in the * Hacking ?Life-Cycle? * What Information is * Gathered by the Hacker? * Passive vs. Active Reconnaissance * Footprinting Defined * Social Access * Social Engineering Techniques * Social Networking Sites * People Search Engines * Internet Archive: * The WayBack Machine * Footprinting Tools Overview * Maltego GUI * Johnny.Ihackstuff.com * Google (cont.) * Domain Name Registration * WHOIS Output * DNS Databases * Using Nslookup * Traceroute Operation * Web Server Info Tool: Netcraft * Introduction to Port Scanning * Which Services * use Which Ports? * Port Scan Tips * Port Scans Shou