×

ATCEH10 - CEHv10: Certified Ethical Hacker v10

Certified Ethical Hacker is a comprehensive ethical hacking and information systems security auditing program focusing on latest security threats, advanced attack vectors and practical real time demonstration of latest hacking techniques, methodologies, tools, tricks and security measures. It delivers technical depth of the content with an emphasis on vulnerability assessment, risk assessment, and penetration testing.

This class immerses students in an interactive environment where they learn how to scan, test, hack and secure their own systems. The lab intensive environment gives each student in-depth knowledge and practical experience with the current essential security systems. The majority of the class is hands-on labs with instruction to explain, reinforce, and show how these hacking tools and techniques can be used to secure and defend real world networks.

Students begin by seeing how perimeter defenses work. They next learn how to reconnoiter, scan and attack their own networks and how intruders escalate privileges. Students also learn about Intrusion Detection, Policy Creation, Social Engineering, DDoS Attacks, Buffer Overflows and Virus Creation. When students leave this intensive 5 day class they have hands on understanding and experience in Ethical Hacking and what they can do to analyze and secure their own network without harming their own assets.

CEHv10 is ANSI accredited and focuses on the latest hacking attacks targeted to mobile platform and tablet computers and covers countermeasures to secure mobile infrastructure. The latest development in mobile and web technologies including Google Android OS, Apple iOS, Windows Phone, and HTML 5 as well as mobile applications and mobile app stores.

*CEHv10 Certification exam not included with course, must be purchased by the student directly from EC-Council.

Click here to print this page »

Prerequisites


Students must have at least one year of hands-on experience in computer security. Students that are new to computer security should begin with the SEC+501 – Security+ course or the CISSP – Information Security for the IT Professional course.
Students must have a strong understanding of the TCP/IP Protocol Suite, IP Routing and LAN Switching Concepts, name resolution protocols, and Internet technologies. A minimum of 12 months experience in networking or Cisco CCNA certification is recommended.

Detailed Class Syllabus


Module 01: Introduction to Ethical Hacking


Information Security Overview
Information Security Threats and Attack Vectors
Hacking Concepts
Ethical Hacking Concepts
Information Security Controls
Penetration Testing Concepts
Information Security Laws and Standards

Module 02: Footprinting and Reconnaissance


Footprinting Concepts
Footprinting through Search Engines
Footprinting through Web Services
Footprinting through Social Networking Sites
Website Footprinting
Email Footprinting
Competitive Intelligence
Whois Footprinting
DNS Footprinting
Network Footprinting
Footprinting through Social Engineering
Footprinting Tools
Countermeasures
Footprinting Pen Testing

Module 03: Scanning Networks


Network Scanning Concepts
Scanning Tools
Scanning Techniques
Scanning Beyond IDS and Firewall
Banner Grabbing
Draw Network Diagrams
Scanning Pen Testing

Module 04: Enumeration


Enumeration Concepts
NetBIOS Enumeration
SNMP Enumeration
LDAP Enumeration
NTP Enumeration
SMTP and DNS Enumeration
Other Enumeration Techniques
Enumeration Countermeasures
Enumeration Pen Testing

Module 05: Vulnerability Analysis


Vulnerability Assessment Concepts
Vulnerability Assessment Solutions
Vulnerability Scoring Systems
Vulnerability Assessment Tools
Vulnerability Assessment Reports

Module 06: System Hacking


System Hacking Concepts
Cracking Passwords
Escalating Privileges
Executing Applications
Hiding Files
Covering Tracks
Penetration Testing

Module 07: Malware Threats


Malware Concepts
Trojan Concepts
Virus and Worm Concepts
Malware Analysis
Countermeasures
Anti-Malware Software
Malware Penetration Testing

Module 08: Sniffing


Sniffing Concepts
Sniffing Technique: MAC Attacks
Sniffing Technique: DHCP Attacks
Sniffing Technique: ARP Poisoning
Sniffing Technique: Spoofing Attacks
Sniffing Technique: DNS Poisoning
Countermeasures
Sniffing Detection Techniques
Sniffing Pen Testing

Module 09: Social Engineering


Social Engineering Concepts
Social Engineering Techniques
Insider Threats
Impersonation on Social Networking Sites
Identity Theft
Countermeasures
Social Engineering Pen Testing

Module 10: Denial-of-Service


DoS/DDoS Concepts
DoS/DDoS Attack Techniques
Botnets
DDoS Case Study
DoS/DDoS Attack Tools
Countermeasures
DoS/DDoS Protection Tools
DoS/DDoS Penetration Testing

Module 11: Session Hijacking


Session Hijacking Concepts
Application Level Session Hijacking
Network Level Session Hijacking
Session Hijacking Tools
Countermeasures

Module 12: Evading IDS, Firewalls, and Honeypots


IDS, Firewall and Honeypot Concepts
IDS, Firewall and Honeypot Solutions
Evading IDS
Evading Firewalls
IDS/Firewall Evading Tools
Detecting Honeypots
IDS/Firewall Evasion Countermeasures
Penetration Testing

Module 13: Hacking Web Servers


Web Server Concepts
Web Server Attacks
Web Server Attack Methodology
Web Server Attack Tools
Countermeasures
Patch Management
Web Server Security Tools
Web Server Pen Testing

Module 14: Hacking Web Applications


Web App Concepts
Web App Threats
Hacking Methodology
Web App Hacking Tools
Countermeasures
Web App Security Testing Tools
Web App Pen Testing

Module 15: SQL Injection


SQL Injection Concepts
Types of SQL Injection
SQL Injection Methodology
SQL Injection Tools
Evasion Techniques
Countermeasures

Module 16: Hacking Wireless Networks


Wireless Concepts
Wireless Encryption
Wireless Threats
Wireless Hacking Methodology
Wireless Hacking Tools
Bluetooth Hacking
Countermeasures
Wireless Security Tools
Wireless Pen Testing

Module 17: Hacking Mobile Platforms


Mobile Platform Attack Vectors
Hacking Android OS
Hacking iOS
Mobile Spyware
Mobile Device Management
Mobile Security Guidelines and Tools
Mobile Pen Testing

Module 18: IoT Hacking


IoT Concepts
IoT Attacks
IoT Hacking Methodology
IoT Hacking Tools
Countermeasures
IoT Pen Testing

Module 19: Cloud Computing


Cloud Computing Concepts
Cloud Computing Threats
Cloud Computing Attacks
Cloud Security
Cloud Security Tools
Cloud Penetration Testing

Module 20: Cryptography


Cryptography Concepts
Encryption Algorithms
Cryptography Tools
Public Key Infrastructure (PKI)
Email Encryption
Disk Encryption
Cryptanalysis
Countermeasures