Prerequisites
Students taking this course should have a working knowledge of Linux and strong Microsoft Windows skills, a solid understanding of computer networking, and CompTIA Security+ and Network+ certification or equivalent knowledge.
Detailed Class Syllabus
Chapter 1: Intro to Ethical Hacking
Current trends and security threats
Scope and limitations of ethical hacking
Information security management, policies, and incident management
Vulnerability research, pen test process, and security acts/laws
Chapter 2: Footprinting and Reconnaissance
Footprinting terminology
Footprinting methodology
Footprinting tools
Footprinting countermeasures / pen test steps
Chapter 3: Scanning Networks
Check for live systems and ports / identifying services
Banner grabbing / OS fingerprinting
Scanning for vulnerabilities
Draw network diagrams
Prepare proxies
Pen test steps for scanning networks
Chapter 4: Enumeration
Extracting user names, machine names, and network resources from a system
Enumerate NetBIOS, SNMP, LDAP, NTP, SMTP, and DNS
Using various tools extract information
Pen test steps for enumeration
Chapter 5: System Hacking
Gaining access, maintaining access, and clearing logs
Hacking tools (keyloggers, spyware, and root kits)
Steganography techniques
System attack countermeasures
Pen test steps for system hacking
Chapter 6: Malware Threats
Malware propagation techniques
Trojans, viruses, and worms
Malware analysis
Detect virus’, worms, and trojans
Pen test steps for malware threats
Chapter 7: Sniffing
Basic concepts of sniffing on the network
MAC flooding, DHCP attacks, ARP spoofing, and ARP/DNS poisoning
Sniffing tools
Pen test steps for sniffing
Chapter 8: Social Engineering
Social engineering attack phases
Types of social engineering
Impersonation based social engineering
Social engineering countermeasures
Pen test steps in social engineering
Chapter 9: Denial of Service
Classify DoS and DDoS attacks and techniques
Botnets and how they infect a system
Tools used to perform DoS/DDoS
Pen test steps for DoS/DDoS
Chapter 10: Session Hijacking
Concepts
Techniques and tools
Countermeasures
Pen test steps for session hijacking
Chapter 11: Hacking Webservers
Reasons for webserver compromise
Open source and IIS architecture
Attack tools and techniques
Countermeasures
Pen test steps for hacking webservers
Chapter 12: Hacking Web Applications
Intro to web applications
Web application architecture
Threats and attacks
Web application hacking and security tools
Pen test steps for web applications
Chapter 13: SQL Injection
Threats from SQL injection attacks
Types of attacks
Methodology, injection tools, and detection tools
Pen test steps for SQL injection
Chapter 14: Hacking Wireless Networks
Types of wireless networks and standards
Terminology and encryption
Threats and hacking wireless network methodology
Pen test steps in hacking wireless networks
Chapter 15: Hacking Mobile Platforms
Mobile attack vectors
Android OS architecture
Jailbreaking IOS
Windows phone 8 architecture
Pen test steps in hacking wireless networks
Chapter 16: Evading IDS, Firewalls, and Honeypots
IDS, firewall, and honeypot solutions
IDS, firewall, and honeypot placement
Evasion techniques
Tools and countermeasures
Pen test steps in evading IDS, Firewalls, and Honeypots
Chapter 17: Cloud Computing
Basics of cloud computing and services
Security considerations
Threats, tools, and attacks
Pen test steps in cloud computing
Chapter 18: Cryptography
Intro to cryptography concepts
Tools
Public Key Infrastructure (PKI)
Cyphers, AES, DES
RSA
Pen test steps for cryptography