SlideShare a Scribd company logo

certified-ethical-hacker-cehv12_course_content.pdf

infosec train
infosec train

The Certified Ethical Hacker (C|EH v12) program is one of the most respected certifications in the cybersecurity field. https://www.infosectrain.com/courses/certified-ethical-hacker-ceh-training/

Related slideshows

Ethical Hacking
Ethical HackingEthical Hacking
Ethical Hacking
 
Web Application Penetration Testing
Web Application Penetration Testing Web Application Penetration Testing
Web Application Penetration Testing
 
Leveraging MITRE ATT&CK - Speaking the Common Language
Leveraging MITRE ATT&CK - Speaking the Common LanguageLeveraging MITRE ATT&CK - Speaking the Common Language
Leveraging MITRE ATT&CK - Speaking the Common Language
 
1 of 23
Download to read offline
ONLINE TRAINING & CERTIFICATION CERTIFIED ETHICAL HACKER V12 LEARN 01 CERTIFY 02 ENGAGE 03 COMPETE 04
www.infosectrain.com | sales@infosectrain.com C|EH V12 COURSE OVERVIEW
www.infosectrain.com | sales@infosectrain.com Why C|EH v12? Since the threat in the cyber world is increasing continuously, the industry needs cyber security professionals who prevent threats and attacks in organizations worldwide. The Certified Ethical Hacker (C|EH v12) program is one of the most respected certifications in the cybersecurity field. The EC-Council has introduced new updated technologies in C|EH v12 program including the MITRE ATT&CK Framework, Diamond Model of Intrusion Analysis, Techniques for Establishing Persistence, Evading NAC and Endpoint Security, Fog Computing, Edge Computing, and Grid Computing. These updated technologies will prepare you to think like a hacker, so you have the skills to protect your infrastructure.
The EC-Council’s C|EH v12 certification training program ocuses on training ambitious security professionals to gain ethical hacking skills through the real implementation of scanning, testing, hacking, and securing systems. You can leverage the following benefits with InfosecTrain: Why C|EH v12 Training Program with InfosecTrain? We can help you present your qualifications and work experience for the designated profile. We provide a flexible training schedule. We provide recorded videos after the session to each participant. We provide post-training assistance. We also create groups for discussion. We also provide a certificate of participation to each candidate. www.infosectrain.com | sales@infosectrain.com
C|EH v12 tools that InfosecTrain Teach www.infosectrain.com | sales@infosectrain.com Scanners/Frameworks Tools Metasploit Reconness Nikto Nmap Angry IP scanner Miscellaneous Hacking Tools Wireshark THC Hydra John the Ripper Sqlmap Vulnerability Assessment Tools Burp Suite OpenVAS Nessus Hping3 Msfvenom NetScan Security Testing Tools Burp Suite Wireless Networking Tools Other Tools Aircrack-ng
www.infosectrain.com | sales@infosectrain.com Target Audience Ethical Hackers System Administrators Network Administrators Engineers Web Managers Auditors Security Professionals Pre-requisites Basic understanding of network essentials and core concepts, including server and network components
www.infosectrain.com | sales@infosectrain.com Exam Details NUMBER OF QUESTIONS EXAM DETAILS MCQ EXAM PRACTICAL EXAM 125 QUESTIONS 20 QUESTIONS EXAM DURATION 4 HOURS 6 HOURS EXAM FORMAT MULTIPLE CHOICE QUESTIONS ILABS CYBER RANGE PASSING SCORE 60%-80% 70% EXAM PREFIX 312-50(ECCEXAM, VUE), 312-50 (VUE) EXAM DELIVERY ECCEXAM, VUE - -
www.infosectrain.com | sales@infosectrain.com Module 1: Introduction to Ethical Hacking > Elements of Information Security > Cyber Kill Chain Methodology > MITRE ATT&CK Framework > Hacker Classes > Ethical Hacking > Information Assurance (IA) > Risk Management > Incident Management > PCI DSS > HIPPA > SOX > GDPR Cover the fundamentals of key issues in the information security world, including the basics of ethical hacking, information security controls, relevant laws, and standard procedures. Key topics covered: Course Content
www.infosectrain.com | sales@infosectrain.com Module 2: Foot Printing and Reconnaissance Learn how to use the latest techniques and tools to perform foot printing and reconnaissance, a critical pre-attack phase of the ethical hacking process. Hands-On Lab Exercises: Over 30 hands-on exercises with real-life simulated targets to build skills on how to: Module 3: Scanning Networks > Perform host, port, service, and OS discovery on the target network > Perform scanning on the target network beyond IDS and firewall Cover the fundamentals of key issues in the information security world, including the basics of ethical hacking, information security controls, relevant laws, and standard procedures. Hands-On Lab Exercises: Over 10 hands-on exercises with real-life simulated targets to build skills on how to: Module 4: Enumeration > Perform NetBIOS, SNMP, LDAP, NFS, DNS, SMTP, RPC, SMB, and FTP Enumeration Learn various enumeration techniques, such as Border Gateway Protocol (BGP) and Network File Sharing (NFS) exploits, plus associated countermeasures. Hands-On Lab Exercises: Over 20 hands-on exercises with real-life simulated targets to build skills on how to:
www.infosectrain.com | sales@infosectrain.com Module 5: Vulnerability Analysis Learn how to identify security loopholes in a target organization’s network, communication infrastructure, and end systems. Hands-On Lab Exercises: Over 5 hands-on exercises with real-life simulated targets to build skills on how to: Module 6: System Hacking > Perform Online active online attack to crack the system’s password > Perform buffer overflow attack to gain access to a remote system > Escalate privileges using privilege escalationtools > Escalate privileges in linux machine > Hide data using steganography > Clear Windows and Linux machine logs using various utilities > Hiding artifacts in Windows and Linux machines Learn about the various system hacking methodologies—including steganography, steganalysis attacks, and covering tracks—used to discover system and network vulnerabilities. Hands-On Lab Exercises: Over 25 hands-on exercises with real-life simulated targets to build skills on how to:
www.infosectrain.com | sales@infosectrain.com Module 7: Malware Threats > Gain control over a victim machine using Trojan > Infect the target system using a virus > Perform static and dynamic malware analysis Get an introduction to the different types of malware, such as Trojans, viruses, and worms, as well as system auditing for malware attacks, malware analysis, and countermeasures. Hands-On Lab Exercises: Over 20 hands-on exercises with real-life simulated targets to build skills on how to: Key topics covered: > Malware, Components of Malware > APT > Trojan > Types of Trojans > Exploit Kits > Virus > Virus Lifecycle > Types of Viruses > Ransomware > Computer Worms > Fileless Malware > Malware Analysis > Static Malware Analysis > Dynamic Malware Analysis > Virus Detection Methods > Trojan Analysis > Virus Analysis > Fileless Malware Analysis > Anti-Trojan Software > Antivirus Software > Fileless Malware Detection Tools
www.infosectrain.com | sales@infosectrain.com Module 8: Sniffing > Perform MAC flooding, ARP poisoning, MITM and DHCP starvation attack > Spoof a MAC address of Linux machine > Perform network sniffing using various sniffing tools > Detect ARP poisoning in a switch-based network Learn about packet-sniffing techniques and how to use them to discover network vulnerabilities, as well as countermeasures to defend against sniffing attacks. Hands-On Lab Exercises: Over 10 hands-on exercises with real-life simulated targets to build skills on how to: Key topics covered: > Network Sniffing > Wiretapping > MAC Flooding > DHCP Starvation Attack > ARP Spoofing Attack > ARP Poisoning > ARP Poisoning Tools > MAC Spoofing > STP Attack > DNS Poisoning > DNS Poisoning Tools > Sniffing Tools > Sniffer Detection Techniques > Promiscuous Detection Tools
www.infosectrain.com | sales@infosectrain.com Module 9: Social Engineering > Perform social engineering using Various Techniques > Spoof a MAC address of a Linux machine > Detect a phishing attack > Audit an organization’s security for phishing attacks Learn social engineering concepts and techniques, including how to identify theft attempts, audit human-level vulnerabilities, and suggest social engineer- ing countermeasures. Hands-On Lab Exercises: Over 4 hands-on exercises with real-life simulated targets to build skills on how to: Module 10: Denial-of-Service > Perform a DoS and DDoS attack on a target host > Detect and protect against DoS and DDoS attacks Learn about different Denial-of-Service (DoS) and Distributed DoS (DDoS) attack techniques, as well as the tools used to audit a target and devise DoS and DDoS countermeasures and protections. Hands-On Lab Exercises: Over 5 hands-on exercises with real-life simulated targets to build skills on how to: Key topics covered: > Social Engineering > Types of Social Engineering > Phishing > Phishing Tools > Insider Threats/Insider Attacks > Identity Theft
www.infosectrain.com | sales@infosectrain.com Key topics covered: > DoS Attack, DDoS Attack > Botnets > DoS/DDoS Attack Techniques > DoS/DDoS Attack Tools > DoS/DDoS Attack Detection Techniques > DoS/DDoS Protection Tools Module 11: Session Hijacking > Perform session hijacking using various tools > Detect session hijacking Understand the various session hijacking techniques used to discover network-level session management, authentication, authorization, and cryptographic weaknesses and associated countermeasures. Hands-On Lab Exercises: Over 4 hands-on exercises with real-life simulated targets to build skills on how to: Key topics covered: > Session Hijacking > Types of Session Hijacking > Spoofing > Application-Level Session Hijacking > Man-in-the-Browser Attack > Client-side Attacks > Session Replay Attacks > Session Fixation Attack > CRIME Attack > Network Level Session Hijacking > TCP/IP Hijacking > Session Hijacking Tools > Session Hijacking Detection Methods > Session Hijacking Prevention Tools
www.infosectrain.com | sales@infosectrain.com Module 12: Evading IDS, Firewalls, and Honeypots > Bypass Windows Firewall > Bypass firewall rules using tunneling > Bypass antivirus Get introduced to firewall, intrusion detection system, and honeypot evasion techniques; the tools used to audit a network perimeter for weaknesses; and countermeasures. Hands-On Lab Exercises: Over 7 hands-on exercises with real-life simulated targets to build skills on how to: Module 13: Hacking Web Servers > Perform web server reconnaissance using various tools > Enumerate web server information > Crack FTP credentials using a dictionary attack Learn about web server attacks, including a comprehensive attack methodology used to audit vulnerabilities in web server infrastructures and countermeasures. Hands-On Lab Exercises: Over 8 hands-on exercises with real-life simulated targets to build skills on how to: Key topics covered: > Web Server Operations > Web Server Attacks > DNS Server Hijacking > Website Defacement > Web Cache Poisoning Attack > Web Server Attack Methodology > Web Server Attack Tools > Web Server Security Tools > Patch Management > Patch Management Tools
www.infosectrain.com | sales@infosectrain.com Module 14: Hacking Web Applications Learn about web application attacks, including a comprehensive web applica- tion hacking methodology used to audit vulnerabilities in web applications and countermeasures. Hands-On Lab Exercises: Over 15 hands-on exercises with real-life simulated targets to build skills on how to: Key topics covered: > Web Application Architecture > Web Application Threats > OWASP Top 10 Application Security Risks – 2021 > Web Application Hacking Methodology > Web API > Webhooks and Web Shell > Web API Hacking Methodology > Web Application Security
www.infosectrain.com | sales@infosectrain.com Module 15: SQL Injections Learn about SQL injection attack techniques, injection detection tools, and countermeasures to detect and defend against SQL injection attempts. Hands-On Lab Exercises: Over 4 hands-on exercises with real-life simulated targets to build skills on how to: Key topics covered: > SQL Injection > Types of SQL injection > Blind SQL Injection > SQL Injection Methodology > SQL Injection Tools > Signature Evasion Techniques > SQL Injection Detection Tools Module 16: Hacking Wireless Networks > Foot Print a wireless network > Perform wireless traffic analysis > Crack WEP, WPA, and WPA2 networks > Create a rogue access point to capture data packets Learn about wireless encryption, wireless hacking methodologies and tools, and Wi-Fi security tools Hands-On Lab Exercises: Over 3 hands-on exercises with real-life simulated targets to build skills on how to:
Key topics covered: > Mobile Platform Attack Vectors > OWASP Top 10 Mobile Risks > App Sandboxing > SMS Phishing Attack (SMiShing) > Android Rooting > Hacking Android Devices > Android Security Tools www.infosectrain.com | sales@infosectrain.com Module 17: Hacking Mobile Platforms > Hack an Android device by creating binary payloads > Exploit the Android platform through ADB > Hack an Android device by creating APK file > Secure Android devices using various Android security tools Learn about mobile platform attack vectors, Android vulnerability exploits, and mobile security guidelines and tools. Hands-On Lab Exercises: Over 5 hands-on exercises with real-life simulated targets to build skills on how to: Key topics covered: > Wireless Terminology > Wireless Networks > Wireless Encryption > Wireless Threats > Wireless Hacking Methodology > Wi-Fi Encryption Cracking > WEP/WPA/WPA2 Cracking Tools > Bluetooth Hacking > Bluetooth Threats > Wi-Fi Security Auditing Tools > Bluetooth Security Tools
www.infosectrain.com | sales@infosectrain.com > Jailbreaking iOS > Hacking iOS Devices > iOS Device Security Tools > Mobile Device Management (MDM) > OWASP Top 10 Mobile Controls > Mobile Security Tools Key topics covered: > IoT Architecture > IoT Communication Models > OWASP Top 10 IoT Threats > IoT Vulnerabilities > IoT Hacking Methodology > IoT Hacking Tools > IoT Security Tools > IT/OT Convergence (IIOT) > ICS/SCADA > OT Vulnerabilities > OT Attacks > OT Hacking Methodology > OT Hacking Tools > OT Security Tools Module 18: IoT Hacking & OT Hacking > Gather information using Online foot printing tools > Capture and analyze IoT device traffic Learn about packet-sniffing techniques and how to use them to discover network vulnerabilities, as well as countermeasures to defend against sniffing attacks. Hands-On Lab Exercises: Over 2 hands-on exercises with real-life simulated targets to build skills on how to:
www.infosectrain.com | sales@infosectrain.com Key topics covered: > Cloud Computing > Types of Cloud Computing Services > Cloud Deployment Models > Fog and Edge Computing > Cloud Service Providers > Container > Docker > Kubernetes > Serverless Computing > OWASP Top 10 Cloud Security Risks > Container and Kubernetes Vulnerabilities > Cloud Attacks > Cloud Hacking > Cloud Network Security > Cloud Security Controls Module 19: Cloud Computing > Perform S3 Bucket enumeration using various S3 bucket enumeration tools > Exploit open S3 buckets > Escalate IAM user privileges by exploiting misconfigured user policy Learn different cloud computing concepts, such as container technologies and server less computing, various cloud-based threats and attacks, and cloud security techniques and tools. Hands-On Lab Exercises: Over 5 hands-on exercises with real-life simulated targets to build skills on how to:
www.infosectrain.com | sales@infosectrain.com Key topics covered: > Cryptography > Encryption Algorithms > MD5 and MD6 Hash Calculators > Cryptography Tools > Public Key Infrastructure (PKI) > Email Encryption > Disk Encryption > Cryptanalysis > Cryptography Attacks > Key Stretching Module 20: Cryptography > Calculate MD5 hashes > Perform file and text message encryption > Create and use self-signed certificates > Perform email and disk encryption > Perform cryptanalysis using various cryptanalysis tools In the final module, learn about cryptography and ciphers, public-key infra- structure, cryptography attacks, and cryptanalysis tools. Hands-On Lab Exer- cises: Over 10 hands-on exercises with real-life simulated targets to build skills on how to:
www.infosectrain.com | sales@infosectrain.com Career Benefits Mid Level Information Assurance Security Audit $94,924 Vulnerability Assessment Analyst $1,06,604 Cybersecurity Auditor $77,800 Warning Analyst $72,162 Infosec Security Administrator $75,108 Cyber Security Analyst Level 1 $73,242 Information Security Analyst $66,895 System Security Administrator $91,472 IT Security Administrator $77,089 Security Analyst L1 $79.229 Cyber Defense Analyst $87,686 Cyber DefensCyber Security Analyst Level 2e Analyst $86,173 Cyber Security Analyst Level 3 $1,04,544
www.infosectrain.com | sales@infosectrain.com

More Related Content

certified-ethical-hacker-cehv12_course_content.pdf

  • 1. ONLINE TRAINING & CERTIFICATION CERTIFIED ETHICAL HACKER V12 LEARN 01 CERTIFY 02 ENGAGE 03 COMPETE 04
  • 3. www.infosectrain.com | sales@infosectrain.com Why C|EH v12? Since the threat in the cyber world is increasing continuously, the industry needs cyber security professionals who prevent threats and attacks in organizations worldwide. The Certified Ethical Hacker (C|EH v12) program is one of the most respected certifications in the cybersecurity field. The EC-Council has introduced new updated technologies in C|EH v12 program including the MITRE ATT&CK Framework, Diamond Model of Intrusion Analysis, Techniques for Establishing Persistence, Evading NAC and Endpoint Security, Fog Computing, Edge Computing, and Grid Computing. These updated technologies will prepare you to think like a hacker, so you have the skills to protect your infrastructure.
  • 4. The EC-Council’s C|EH v12 certification training program ocuses on training ambitious security professionals to gain ethical hacking skills through the real implementation of scanning, testing, hacking, and securing systems. You can leverage the following benefits with InfosecTrain: Why C|EH v12 Training Program with InfosecTrain? We can help you present your qualifications and work experience for the designated profile. We provide a flexible training schedule. We provide recorded videos after the session to each participant. We provide post-training assistance. We also create groups for discussion. We also provide a certificate of participation to each candidate. www.infosectrain.com | sales@infosectrain.com
  • 5. C|EH v12 tools that InfosecTrain Teach www.infosectrain.com | sales@infosectrain.com Scanners/Frameworks Tools Metasploit Reconness Nikto Nmap Angry IP scanner Miscellaneous Hacking Tools Wireshark THC Hydra John the Ripper Sqlmap Vulnerability Assessment Tools Burp Suite OpenVAS Nessus Hping3 Msfvenom NetScan Security Testing Tools Burp Suite Wireless Networking Tools Other Tools Aircrack-ng
  • 6. www.infosectrain.com | sales@infosectrain.com Target Audience Ethical Hackers System Administrators Network Administrators Engineers Web Managers Auditors Security Professionals Pre-requisites Basic understanding of network essentials and core concepts, including server and network components
  • 7. www.infosectrain.com | sales@infosectrain.com Exam Details NUMBER OF QUESTIONS EXAM DETAILS MCQ EXAM PRACTICAL EXAM 125 QUESTIONS 20 QUESTIONS EXAM DURATION 4 HOURS 6 HOURS EXAM FORMAT MULTIPLE CHOICE QUESTIONS ILABS CYBER RANGE PASSING SCORE 60%-80% 70% EXAM PREFIX 312-50(ECCEXAM, VUE), 312-50 (VUE) EXAM DELIVERY ECCEXAM, VUE - -
  • 8. www.infosectrain.com | sales@infosectrain.com Module 1: Introduction to Ethical Hacking > Elements of Information Security > Cyber Kill Chain Methodology > MITRE ATT&CK Framework > Hacker Classes > Ethical Hacking > Information Assurance (IA) > Risk Management > Incident Management > PCI DSS > HIPPA > SOX > GDPR Cover the fundamentals of key issues in the information security world, including the basics of ethical hacking, information security controls, relevant laws, and standard procedures. Key topics covered: Course Content
  • 9. www.infosectrain.com | sales@infosectrain.com Module 2: Foot Printing and Reconnaissance Learn how to use the latest techniques and tools to perform foot printing and reconnaissance, a critical pre-attack phase of the ethical hacking process. Hands-On Lab Exercises: Over 30 hands-on exercises with real-life simulated targets to build skills on how to: Module 3: Scanning Networks > Perform host, port, service, and OS discovery on the target network > Perform scanning on the target network beyond IDS and firewall Cover the fundamentals of key issues in the information security world, including the basics of ethical hacking, information security controls, relevant laws, and standard procedures. Hands-On Lab Exercises: Over 10 hands-on exercises with real-life simulated targets to build skills on how to: Module 4: Enumeration > Perform NetBIOS, SNMP, LDAP, NFS, DNS, SMTP, RPC, SMB, and FTP Enumeration Learn various enumeration techniques, such as Border Gateway Protocol (BGP) and Network File Sharing (NFS) exploits, plus associated countermeasures. Hands-On Lab Exercises: Over 20 hands-on exercises with real-life simulated targets to build skills on how to:
  • 10. www.infosectrain.com | sales@infosectrain.com Module 5: Vulnerability Analysis Learn how to identify security loopholes in a target organization’s network, communication infrastructure, and end systems. Hands-On Lab Exercises: Over 5 hands-on exercises with real-life simulated targets to build skills on how to: Module 6: System Hacking > Perform Online active online attack to crack the system’s password > Perform buffer overflow attack to gain access to a remote system > Escalate privileges using privilege escalationtools > Escalate privileges in linux machine > Hide data using steganography > Clear Windows and Linux machine logs using various utilities > Hiding artifacts in Windows and Linux machines Learn about the various system hacking methodologies—including steganography, steganalysis attacks, and covering tracks—used to discover system and network vulnerabilities. Hands-On Lab Exercises: Over 25 hands-on exercises with real-life simulated targets to build skills on how to:
  • 11. www.infosectrain.com | sales@infosectrain.com Module 7: Malware Threats > Gain control over a victim machine using Trojan > Infect the target system using a virus > Perform static and dynamic malware analysis Get an introduction to the different types of malware, such as Trojans, viruses, and worms, as well as system auditing for malware attacks, malware analysis, and countermeasures. Hands-On Lab Exercises: Over 20 hands-on exercises with real-life simulated targets to build skills on how to: Key topics covered: > Malware, Components of Malware > APT > Trojan > Types of Trojans > Exploit Kits > Virus > Virus Lifecycle > Types of Viruses > Ransomware > Computer Worms > Fileless Malware > Malware Analysis > Static Malware Analysis > Dynamic Malware Analysis > Virus Detection Methods > Trojan Analysis > Virus Analysis > Fileless Malware Analysis > Anti-Trojan Software > Antivirus Software > Fileless Malware Detection Tools
  • 12. www.infosectrain.com | sales@infosectrain.com Module 8: Sniffing > Perform MAC flooding, ARP poisoning, MITM and DHCP starvation attack > Spoof a MAC address of Linux machine > Perform network sniffing using various sniffing tools > Detect ARP poisoning in a switch-based network Learn about packet-sniffing techniques and how to use them to discover network vulnerabilities, as well as countermeasures to defend against sniffing attacks. Hands-On Lab Exercises: Over 10 hands-on exercises with real-life simulated targets to build skills on how to: Key topics covered: > Network Sniffing > Wiretapping > MAC Flooding > DHCP Starvation Attack > ARP Spoofing Attack > ARP Poisoning > ARP Poisoning Tools > MAC Spoofing > STP Attack > DNS Poisoning > DNS Poisoning Tools > Sniffing Tools > Sniffer Detection Techniques > Promiscuous Detection Tools
  • 13. www.infosectrain.com | sales@infosectrain.com Module 9: Social Engineering > Perform social engineering using Various Techniques > Spoof a MAC address of a Linux machine > Detect a phishing attack > Audit an organization’s security for phishing attacks Learn social engineering concepts and techniques, including how to identify theft attempts, audit human-level vulnerabilities, and suggest social engineer- ing countermeasures. Hands-On Lab Exercises: Over 4 hands-on exercises with real-life simulated targets to build skills on how to: Module 10: Denial-of-Service > Perform a DoS and DDoS attack on a target host > Detect and protect against DoS and DDoS attacks Learn about different Denial-of-Service (DoS) and Distributed DoS (DDoS) attack techniques, as well as the tools used to audit a target and devise DoS and DDoS countermeasures and protections. Hands-On Lab Exercises: Over 5 hands-on exercises with real-life simulated targets to build skills on how to: Key topics covered: > Social Engineering > Types of Social Engineering > Phishing > Phishing Tools > Insider Threats/Insider Attacks > Identity Theft
  • 14. www.infosectrain.com | sales@infosectrain.com Key topics covered: > DoS Attack, DDoS Attack > Botnets > DoS/DDoS Attack Techniques > DoS/DDoS Attack Tools > DoS/DDoS Attack Detection Techniques > DoS/DDoS Protection Tools Module 11: Session Hijacking > Perform session hijacking using various tools > Detect session hijacking Understand the various session hijacking techniques used to discover network-level session management, authentication, authorization, and cryptographic weaknesses and associated countermeasures. Hands-On Lab Exercises: Over 4 hands-on exercises with real-life simulated targets to build skills on how to: Key topics covered: > Session Hijacking > Types of Session Hijacking > Spoofing > Application-Level Session Hijacking > Man-in-the-Browser Attack > Client-side Attacks > Session Replay Attacks > Session Fixation Attack > CRIME Attack > Network Level Session Hijacking > TCP/IP Hijacking > Session Hijacking Tools > Session Hijacking Detection Methods > Session Hijacking Prevention Tools
  • 15. www.infosectrain.com | sales@infosectrain.com Module 12: Evading IDS, Firewalls, and Honeypots > Bypass Windows Firewall > Bypass firewall rules using tunneling > Bypass antivirus Get introduced to firewall, intrusion detection system, and honeypot evasion techniques; the tools used to audit a network perimeter for weaknesses; and countermeasures. Hands-On Lab Exercises: Over 7 hands-on exercises with real-life simulated targets to build skills on how to: Module 13: Hacking Web Servers > Perform web server reconnaissance using various tools > Enumerate web server information > Crack FTP credentials using a dictionary attack Learn about web server attacks, including a comprehensive attack methodology used to audit vulnerabilities in web server infrastructures and countermeasures. Hands-On Lab Exercises: Over 8 hands-on exercises with real-life simulated targets to build skills on how to: Key topics covered: > Web Server Operations > Web Server Attacks > DNS Server Hijacking > Website Defacement > Web Cache Poisoning Attack > Web Server Attack Methodology > Web Server Attack Tools > Web Server Security Tools > Patch Management > Patch Management Tools
  • 16. www.infosectrain.com | sales@infosectrain.com Module 14: Hacking Web Applications Learn about web application attacks, including a comprehensive web applica- tion hacking methodology used to audit vulnerabilities in web applications and countermeasures. Hands-On Lab Exercises: Over 15 hands-on exercises with real-life simulated targets to build skills on how to: Key topics covered: > Web Application Architecture > Web Application Threats > OWASP Top 10 Application Security Risks – 2021 > Web Application Hacking Methodology > Web API > Webhooks and Web Shell > Web API Hacking Methodology > Web Application Security
  • 17. www.infosectrain.com | sales@infosectrain.com Module 15: SQL Injections Learn about SQL injection attack techniques, injection detection tools, and countermeasures to detect and defend against SQL injection attempts. Hands-On Lab Exercises: Over 4 hands-on exercises with real-life simulated targets to build skills on how to: Key topics covered: > SQL Injection > Types of SQL injection > Blind SQL Injection > SQL Injection Methodology > SQL Injection Tools > Signature Evasion Techniques > SQL Injection Detection Tools Module 16: Hacking Wireless Networks > Foot Print a wireless network > Perform wireless traffic analysis > Crack WEP, WPA, and WPA2 networks > Create a rogue access point to capture data packets Learn about wireless encryption, wireless hacking methodologies and tools, and Wi-Fi security tools Hands-On Lab Exercises: Over 3 hands-on exercises with real-life simulated targets to build skills on how to:
  • 18. Key topics covered: > Mobile Platform Attack Vectors > OWASP Top 10 Mobile Risks > App Sandboxing > SMS Phishing Attack (SMiShing) > Android Rooting > Hacking Android Devices > Android Security Tools www.infosectrain.com | sales@infosectrain.com Module 17: Hacking Mobile Platforms > Hack an Android device by creating binary payloads > Exploit the Android platform through ADB > Hack an Android device by creating APK file > Secure Android devices using various Android security tools Learn about mobile platform attack vectors, Android vulnerability exploits, and mobile security guidelines and tools. Hands-On Lab Exercises: Over 5 hands-on exercises with real-life simulated targets to build skills on how to: Key topics covered: > Wireless Terminology > Wireless Networks > Wireless Encryption > Wireless Threats > Wireless Hacking Methodology > Wi-Fi Encryption Cracking > WEP/WPA/WPA2 Cracking Tools > Bluetooth Hacking > Bluetooth Threats > Wi-Fi Security Auditing Tools > Bluetooth Security Tools
  • 19. www.infosectrain.com | sales@infosectrain.com > Jailbreaking iOS > Hacking iOS Devices > iOS Device Security Tools > Mobile Device Management (MDM) > OWASP Top 10 Mobile Controls > Mobile Security Tools Key topics covered: > IoT Architecture > IoT Communication Models > OWASP Top 10 IoT Threats > IoT Vulnerabilities > IoT Hacking Methodology > IoT Hacking Tools > IoT Security Tools > IT/OT Convergence (IIOT) > ICS/SCADA > OT Vulnerabilities > OT Attacks > OT Hacking Methodology > OT Hacking Tools > OT Security Tools Module 18: IoT Hacking & OT Hacking > Gather information using Online foot printing tools > Capture and analyze IoT device traffic Learn about packet-sniffing techniques and how to use them to discover network vulnerabilities, as well as countermeasures to defend against sniffing attacks. Hands-On Lab Exercises: Over 2 hands-on exercises with real-life simulated targets to build skills on how to:
  • 20. www.infosectrain.com | sales@infosectrain.com Key topics covered: > Cloud Computing > Types of Cloud Computing Services > Cloud Deployment Models > Fog and Edge Computing > Cloud Service Providers > Container > Docker > Kubernetes > Serverless Computing > OWASP Top 10 Cloud Security Risks > Container and Kubernetes Vulnerabilities > Cloud Attacks > Cloud Hacking > Cloud Network Security > Cloud Security Controls Module 19: Cloud Computing > Perform S3 Bucket enumeration using various S3 bucket enumeration tools > Exploit open S3 buckets > Escalate IAM user privileges by exploiting misconfigured user policy Learn different cloud computing concepts, such as container technologies and server less computing, various cloud-based threats and attacks, and cloud security techniques and tools. Hands-On Lab Exercises: Over 5 hands-on exercises with real-life simulated targets to build skills on how to:
  • 21. www.infosectrain.com | sales@infosectrain.com Key topics covered: > Cryptography > Encryption Algorithms > MD5 and MD6 Hash Calculators > Cryptography Tools > Public Key Infrastructure (PKI) > Email Encryption > Disk Encryption > Cryptanalysis > Cryptography Attacks > Key Stretching Module 20: Cryptography > Calculate MD5 hashes > Perform file and text message encryption > Create and use self-signed certificates > Perform email and disk encryption > Perform cryptanalysis using various cryptanalysis tools In the final module, learn about cryptography and ciphers, public-key infra- structure, cryptography attacks, and cryptanalysis tools. Hands-On Lab Exer- cises: Over 10 hands-on exercises with real-life simulated targets to build skills on how to:
  • 22. www.infosectrain.com | sales@infosectrain.com Career Benefits Mid Level Information Assurance Security Audit $94,924 Vulnerability Assessment Analyst $1,06,604 Cybersecurity Auditor $77,800 Warning Analyst $72,162 Infosec Security Administrator $75,108 Cyber Security Analyst Level 1 $73,242 Information Security Analyst $66,895 System Security Administrator $91,472 IT Security Administrator $77,089 Security Analyst L1 $79.229 Cyber Defense Analyst $87,686 Cyber DefensCyber Security Analyst Level 2e Analyst $86,173 Cyber Security Analyst Level 3 $1,04,544