SlideShare ist ein Scribd-Unternehmen logo

Ethical System Hacking- Cyber Training Diploma

Als PPTX, PDF herunterladen
begmohsin
begmohsin

Become a Professional Ethical Cyber Hacker and learn to protect your organisation from being attacked. Become a truly invaluable asset to your organisation its cyber security defence against cyber hackers. Almost 3 million worldwide shortages of Cybersecurity professionals. 1.76 billion records leaked in January 2019 alone The 10 biggest data breaches of all time — with the number of accounts hacked and year occurred — according to Quartz: Yahoo, 3 billion (2013); Marriott, 500 million (2014-2018); Adult FriendFinder, 412 million (2016); MySpace, 360 million (2016); Under Armor, 150 million (2018); Equifax, 145.5 million (2017); eBay, 145 million (2014); Target, 110 million (2013); Heartland Payment Systems, 100+ million (2018); LinkedIn, 100 million (2012) The 5 most cyber-attacked industries over the past 5 years are healthcare, manufacturing, financial services, government, and transportation. Cybersecurity Ventures predicts that retail, oil and gas / energy and utilities, media and entertainment, legal, and education (K-12 and higher ed), will round out the top 10 industries for 2019 to 2022. Distributed-Denial-of-Service (DDoS) attacks represent the dominant threat observed by the vast majority of service providers — and they can represent up to 25 percent of a country’s total Internet traffic while they are occurring. Globally the total number of DDoS attacks will double to 14.5 million by 2022 (from 2017), according to the Cisco Visual Networking Index (VNI). Global ransomware damage costs are predicted to hit $20 billion in 2021, up from $11.5 billion in 2019, $5 billion in 2017, and just $325 million in 2015, according to Cybersecurity Ventures.

Technologie
1 von 33
Ethical System Hacking – Training Diploma Course Module Descriptors UK Cyber Defence Academy www.tech-strategygroup.com
Course Structure Unit 1: Introduction to Ethical Hacking Unit 2: Technical Processes of Hacking Unit 3: Footprint and Scanning Unit 4: Enumeration and System Hacking Unit 5: Fundamentals of Malware Threats Unit 6: Sniffers, Session Hijacking and Denial of Service Unit 7: Web Server Hacking, Web Applications and Database Hacking Unit 8: Wireless Technologies, Mobile Security and Attacks Unit 9: IDS, Firewalls and Honeypots
Course Structure Unit 10: Physical Security and Social Engineering Unit 11: Cryptographic Attacks and Defences Unit 12: Cloud Computing and Botnets Unit 13: Fundamentals of Kali Linux Unit 14: Encryption Cracking Tools
Module 1: Introduction to Ethical Hacking
Learning Objectives • Develop broad understanding about the Security Fundamentals • Learn about the differences between ethical hackers and hackers • Develop understanding about the different types of hacking attacks • Develop understanding about the different types of security testing that is performed by ethical hackers: white box testing, grey box testing, black box testing, penetration testing • Develop understanding about system risks, threats and vulnerabilities • Learn how to conduct Quantitative Risk Assessments. • Learn about the different types of hackers such as white hat hackers, black hat hackers, grey hat hackers, suicide hackers. • Learn about the hacker’s workflow methodology with regards to reconnaissance and footprinting, scanning and enumeration, gaining access, maintaining access and covering trackers. • Learn about the technical skills and knowledge ethical hackers should possess to be effective in your role. • Develop detailed understanding about the ethical hacking methods with regards to information gathering, external penetration testing, internal penetration testing, network gear testing and DoS testing, wireless network testing, application testing and social engineering, physical security testing, authentication system testing, database testing, communication system testing. • Learn about US federal laws that ethical hackers must be aware with regards to cyber fraud, cyber breaches and PCI DSS Company compliance.
Module 2: Technical Process of Hacking
Learning Objectives • Learn about the attacker’s process with regards to the following: Performing reconnaissance and footprinting, scanning and enumeration, gaining access, escalation of privilege and maintaining access and covering tracks. • Develop understanding about the most prominent security methodologies for security testing purposes • Develop understanding about the fundamentals of networking protocols and networking devices. • Develop understanding about the OSI Model and TCP/IP Layers: application, presentation, session, transport, network, data link and physical. • Learn about global application security and operation issues. • Develop understanding about the TCP packet structure, datagram fragmentation and how hackers manipulate packets
Module 3: Footprint and Scanning
Learning Objectives • Develop comprehensive understanding about the 7-step information gathering process with regards to footprinting mapping, mapping attack surface and exploring ways to penetrate external environments. • Learn how to identify active machines, open ports and access points and how to shut down TCP connection termination • Learn about the most popular scanning techniques and applications such as NMAP that can be used effectively. • Develop understanding about war driving, active fingerprint methods, fingerprinting services and how to explore open services • Learn how to map the network attack surface in depth
Module 4 : Enumeration and System Hacking
Learning Objectives • Develop understanding about enumeration, system hacking with regards to NetBIOS enumeration tools, Windows security, Linux Unix enumeration, NTP- SMTP enumeration, DNS enumeration, technical password attacks, automated password guessing, password sniffing, keylogging. • Learn how to exploit buffer overflow, access the SAM and the different types of windows authentication types. • Develop understanding about cracking windows passwords, hiding files and covering tracks, rootkit, ethical hacker response rootkit and file hiding.
Unit 5: Fundamentals of Malware Threats
Learning Objectives • Develop comprehensive understanding about the different types of attacks with regards to viruses and worms • Learn about transmission methods of viruses, trojans its behaviour and characteristics, virus payload characteristics and the architecture component structure of viruses. • Develop understanding about cover communication, keystroke logging and spyware. • Learn about Malware countermeasures. • Develop understanding about trojan behaviours with regards to remote access, data hiding, e-banking, denial of service (DoS), proxy and ftp. • Learn about RAT trojans tools, wrapper binding programs, trojan ports and communication methods, trojan targets and infection mechanisms. • Develop understanding about the deployment of a trojan, covert communication and tunneling via the internet, application layer • Learn about keystroke logging and spyware, hardware keyloggers, software keyloggers, spyware and malware countermeasures • Develop understanding about how to detect malware, and the types of known techniques antivirus programs implement with regards to the following: signature scanning, heuristic scanning, integrity checking and activity blocking. • Learn about how to conduct malware analysis
Module 6: Sniffers, Session Hijacking and Denial of Service
Learning Objectives • Develop understanding about sniffers as hacking tools • Learn about the core fundamentals of session hijacking techniques and denial of service and distributed denial of service • Learn about the prominent types of sniffing tools that are used, passive sniffing, active sniffing, address resolution protocol (ARP) and ARP spoofing attacks • Develop understanding about ARP poisoning, MAC Flooding processes and how hackers launch server attacks on the DHCP servers • Develop understanding about MAC Spoofing, DNS spoofing and tools which ethical hackers can implement spoofing purpose • Learn about sniffing and spoofing countermeasures, session hijacking, transport layer hijacking and the lifecycle of a session hijack • Develop understanding of the detailed steps that are involved in how session hijack is used to manipulate the TCP start-up. • Learn how hackers can launch attacks through the following methods: session sniffing, predictable session token ID, man in the middle attacks, man in the browser attacks, client side attacks and session replay attacks. • Learn about the session hijacking attacks and tools that can be used by hackers and how to prevent session hijacking • Develop understanding about the role of DoS in the hacker’s methodology • Learn about the different types of techniques which can be incorporated in the DoS attacks such as the following: bandwidth attacks, SYN flood attacks, internet control message protocol (ICMP) attacks, peer to peer (P2P) attacks and application level attacks • Develop understanding of the countermeasures and best practices that can be implemented for DoS and DDOS attacks
Unit 7: Fundamentals of Webserver Hacking, Web Applications and Database Attacks
Learning Objectives • Develop comprehensive understanding about Web Server Hacking patterns, approaches and techniques • Understand the process of Web Application Hacking • Learn about the fundamentals of Database Hacking • Learn about the tools that hackers can employ when launching a webserver attack • Develop understanding about scanning webservers, banner grabbing and enumeration, website ripper tools and webserver vulnerability identification • Learn about the following types of webserver attacks: DoS/DDoS attacks , DNS server hijacking, DNS amplification attacks, Directory traversal, Man in the middle, Website defacement, Web server misconfiguration, HTTP response splitting and Web server password cracking • Learn about the following ways web applications can be attacked by hackers: Unvalidated Input, Parameter/form tampering, Injection flaws, Cross-site scripting, Cross-site request forgery attacks, Hidden field attacks, Attacking web-based authentication, Web-based password cracking, Web based authentication attacks, and intercepting web traffic. • Develop understanding about the most common authentication types: basic, message digest, certificate based, forms based • Learn about web application hacking and how hackers launch dictionary attacks, hybrid attacks, brute force attacks and the types of tools hackers can utilise. • Learn how hackers intercept web traffic and how to secure web applications using source scanners and relevant tools • Learn how database hacking occurs and the vulnerabilities which exist within SQL databases • Learn about the types of tools which can be incorporated to hack SQL Databases.
This Photo by Unknown Author is licensed under CC BY-ND
Learning Objectives • Learn about the diverse types of mobile phone technologies that can be hacked • Learn how mobile security violations happen and mobile attacks launched by hackers • Develop core understanding about the essentials of Wireless LANS • Develop understanding about the concerns with mobile platforms and global mobile security issues • Learn about security issues associated with android applications • Learn about the techniques and the types of tools that can be used for jail breaking apple iphone, windows, blackberry and android mobile applications • Learn about the tools which can be implemented to prevent hackers exploiting vulnerable mobile devices • Learn about the Bluetooth tools which can be used to attack Bluetooth security loopholes • Develop understanding about WLAN threats and issues • Develop understanding about evil twin attacks, denial of service (DoS), wireless hacking tools, and how to perform wireless traffic analysis. • Learn how to launch wireless attacks and prevent Wi Fi networks from being compromised and make wireless networks more secure • Learn how to build high level defence designs and develop understanding about wireless authentication
Module 9: IDS, Firewalls and Honeypots This Photo by Unknown Author is licensed under CC BY-NC
Learning Objectives • Develop understanding about the Intrusion Detection Systems that are used to detect malicious activity • Learn about Firewalls that exist amongst trusted and untrusted networks • Develop understanding about Honeypots and fake systems that are used to lure in attackers • Learn about the essential components of intrusion detection systems and pattern matching anomaly detection techniques • Learn about insertion attacks employed by hackers, overlapping fragments and TCP, Protocol ambiguities, session splicing, shellcode attacks and other form of IDS evasion techniques. • Develop understanding about the differences between the following types of firewalls: packet filters, application-level gateway, circuit-level gateway and stateful multilayer inspection • Learn about firewalking, banner grabbing, different types of honeypots and how to detect them.
Module 10 Cryptographic Attacks and Defenses
Learning Objectives • Develop understanding about the functions of Cryptography with regards to providing confidentiality, integrity, authenticity and non-repudiation • Learn about Algorithms, and the differences between asymmetric, symmetric and hashing algorithms • Develop understanding about the objectives of the Public Key Infrastructure (PKI and it’s communication and third-party trust • Develop broad understanding about Protocols, Standards and Applications with regards to Secure Shell, IPSec and PGP. • Learn about the hashing process, SHA-1 and how asymmetric encryptions implemented for confidentiality and integrity. • Develop understanding about steganography, steganogrpahic tools, steganalysis, digital watermark, PGP, SSH, SSL, IPSec, PPTP, EFS • Develop understanding about the following types of attacks carried out by hackers: Known plain text attack: cipher text only attack, Man in the middle attack, replay attack, side channel attack, chosen plan text attack and chosen ciper text attack
Module 11: Physical Security and Social Engineering
Learning Objectives • Learn about the different types of threats to physical security • Develop understanding about the various types of physical controls which can be implemented to protect enterprises from hackers and thieves • Develop broad understanding about the different types of Social Engineering attacks and the various ways in how hackers manipulate people • Develop understanding about the common types of backup media and by passing techniques • Develop understanding about biometric systems, social engineering, person social engineering, computer based social engineering, phishing, social networking and targeted attacks.
Module 12 Cloud Computing and Botnets
Learning Objectives • Develop understanding about the different types of cloud-based services • Learn about cloud deployment models and cloud computing models • Learn about the issues with cloud computing and the following types of cloud attacks: session hijackings, DNS attacks, cross site scripting (XSS), SQL injection and session riding, distributed denial of service (DDoS), man in the middle cryptographic attacks, side channel attacks, authentication attacks, wrapping attacks. • Develop understanding about cloud security control layers. • Learn about botnets and botnet architecture, botnet client server models, botnet peer to peer models. • Develop understanding about banking trojans, botnet countermeasures and techniques to build defences. • Learn how to create a botnet in order to achieve malicious gains
Module 13 Fundamentals of Kali Linux
Learning Objectives • Learn how to install Kali Linux on your network • Learn how to setup a virtual laboratory • Learn how to use information gathering tools in Kali Linux • Learn about vulnerability analysis tools and wireless attacks • Learn about penetration testing tools in Kali Linux • Learn about database tools, CMS scanning tools, forensic tools and exploitation Tools • Learn about social engineering toolkit, stressing tools, sniffing and spoofing Tools • Learn about password cracking tools, reverse engineering tools and reporting tools.
Module 14: Encryption Cracking Tools
Learning Objectives Learn about the following types of tools that you can implement as part of your workflow strategy when performing tasks as a Ethical Hacker: • Encryption Cracking tools • Cyber security Tools and Sites • Footprinting Tools • Competitive Intelligence • Tracking Online Reputation • Website Research • DNS and Whois Tools • Traceeroute Tools and Links
Learning Objectives Learn about the following types of tools that you can implement as part of your workflow strategy when performing tasks as a Ethical Hacker: • Website Mirroring Tools and Sites • Google Hacking • Scanning and Enumeration Tools • System Hacking Tools • Cryptography and Encryption • Sniffing • Wireless Attacking • Trojans and Malware • Web Attacking Tools • SQL Injection Tools
End

Empfohlen

Certied Ethical Hacker
Certied Ethical HackerCertied Ethical Hacker
Certied Ethical Hacker
Knowledgehut
 
BAIT1103 Chapter 1
BAIT1103 Chapter 1BAIT1103 Chapter 1
BAIT1103 Chapter 1
limsh
 
Cyber crime trends in 2013
Cyber crime trends in 2013 Cyber crime trends in 2013
Cyber crime trends in 2013
The eCore Group
 
BAIT1103 Course Overview
BAIT1103 Course OverviewBAIT1103 Course Overview
BAIT1103 Course Overview
limsh
 
Ethical Hacking Class
Ethical Hacking ClassEthical Hacking Class
Ethical Hacking Class
Laney Dale
 
DRC - Cybersecurity Concepts 2015 - 5 Basics you must know!
DRC - Cybersecurity Concepts 2015 - 5 Basics you must know!DRC - Cybersecurity Concepts 2015 - 5 Basics you must know!
DRC - Cybersecurity Concepts 2015 - 5 Basics you must know!
Kevin Fisher
 
Security
Security Security
Security
chian417
 
Ethical Hacking
Ethical HackingEthical Hacking
Ethical Hacking
Chetanmalviya8
 

Empfohlen

Certied Ethical Hacker
Certied Ethical HackerCertied Ethical Hacker
Certied Ethical Hacker
Knowledgehut
 
BAIT1103 Chapter 1
BAIT1103 Chapter 1BAIT1103 Chapter 1
BAIT1103 Chapter 1
limsh
 
Cyber crime trends in 2013
Cyber crime trends in 2013 Cyber crime trends in 2013
Cyber crime trends in 2013
The eCore Group
 
BAIT1103 Course Overview
BAIT1103 Course OverviewBAIT1103 Course Overview
BAIT1103 Course Overview
limsh
 
Ethical Hacking Class
Ethical Hacking ClassEthical Hacking Class
Ethical Hacking Class
Laney Dale
 
DRC - Cybersecurity Concepts 2015 - 5 Basics you must know!
DRC - Cybersecurity Concepts 2015 - 5 Basics you must know!DRC - Cybersecurity Concepts 2015 - 5 Basics you must know!
DRC - Cybersecurity Concepts 2015 - 5 Basics you must know!
Kevin Fisher
 
Security
Security Security
Security
chian417
 
Ethical Hacking
Ethical HackingEthical Hacking
Ethical Hacking
Chetanmalviya8
 
CS8792 - Cryptography and Network Security
CS8792 - Cryptography and Network SecurityCS8792 - Cryptography and Network Security
CS8792 - Cryptography and Network Security
vishnukp34
 
Cs8792 cns - unit v
Cs8792 cns - unit vCs8792 cns - unit v
Cs8792 cns - unit v
ArthyR3
 
Computer security chapter 2: About Hacking
Computer security chapter 2: About Hacking Computer security chapter 2: About Hacking
Computer security chapter 2: About Hacking
Theko Moima
 
Security in computer systems fundamentals
Security in computer systems fundamentalsSecurity in computer systems fundamentals
Security in computer systems fundamentals
Manesh T
 
Covert channels: A Window of Data Exfiltration Opportunities
Covert channels: A Window of Data Exfiltration Opportunities Covert channels: A Window of Data Exfiltration Opportunities
Covert channels: A Window of Data Exfiltration Opportunities
Joel Aleburu
 
HACKERS ATTACK PROCESS
HACKERS ATTACK PROCESSHACKERS ATTACK PROCESS
HACKERS ATTACK PROCESS
UK Defence Cyber School
 
ETHICAL HACKING
ETHICAL HACKINGETHICAL HACKING
ETHICAL HACKING
Sweta Leena Panda
 
Network Security Topic 1 intro
Network Security Topic 1 introNetwork Security Topic 1 intro
Network Security Topic 1 intro
Khawar Nehal khawar.nehal@atrc.net.pk
 
Cisel1 d
Cisel1 dCisel1 d
Cisel1 d
chandu_sai
 
Ethical hacking11601031 (1)
Ethical hacking11601031 (1)Ethical hacking11601031 (1)
Ethical hacking11601031 (1)
Mohammad Affan
 
What is Cryptography and Types of attacks in it
What is Cryptography and Types of attacks in itWhat is Cryptography and Types of attacks in it
What is Cryptography and Types of attacks in it
lavakumar Thatisetti
 
Certified Ethical Hacking - Book Summary
Certified Ethical Hacking - Book SummaryCertified Ethical Hacking - Book Summary
Certified Ethical Hacking - Book Summary
udemy course
 
DRC -- Cybersecurity concepts2015
DRC -- Cybersecurity concepts2015DRC -- Cybersecurity concepts2015
DRC -- Cybersecurity concepts2015
T. J. Saotome
 
TestBed-Cyber-Security-Workshops
TestBed-Cyber-Security-WorkshopsTestBed-Cyber-Security-Workshops
TestBed-Cyber-Security-Workshops
Aaron Rinehart
 
Cybersecurity, Hacking, and Privacy
Cybersecurity, Hacking, and Privacy Cybersecurity, Hacking, and Privacy
Cybersecurity, Hacking, and Privacy
Nicholas Davis
 
Lesson plan ethical hacking
Lesson plan ethical hackingLesson plan ethical hacking
Lesson plan ethical hacking
Nigam Dave
 
Web security
Web securityWeb security
Web security
Iqbal Shaikh
 
Module 1 Introduction
Module 1 IntroductionModule 1 Introduction
Module 1 Introduction
leminhvuong
 
Cyber Security-Ethical Hacking
Cyber Security-Ethical HackingCyber Security-Ethical Hacking
Cyber Security-Ethical Hacking
Viral Parmar
 
Ethical hacking (legal)
Ethical hacking (legal)Ethical hacking (legal)
Ethical hacking (legal)
Thangaraj Murugananthan
 
Introduction to ethical hacking
Introduction to ethical hackingIntroduction to ethical hacking
Introduction to ethical hacking
ankit sarode
 
Threat Hunting Professional Online Training Course
Threat Hunting Professional Online Training CourseThreat Hunting Professional Online Training Course
Threat Hunting Professional Online Training Course
ShivamSharma909
 

Weitere ähnliche Inhalte

Was ist angesagt?

Covert channels: A Window of Data Exfiltration Opportunities
Covert channels: A Window of Data Exfiltration Opportunities Covert channels: A Window of Data Exfiltration Opportunities
Covert channels: A Window of Data Exfiltration Opportunities
Joel Aleburu
 
Ethical hacking11601031 (1)
Ethical hacking11601031 (1)Ethical hacking11601031 (1)
Ethical hacking11601031 (1)
Mohammad Affan
 
DRC -- Cybersecurity concepts2015
DRC -- Cybersecurity concepts2015DRC -- Cybersecurity concepts2015
DRC -- Cybersecurity concepts2015
T. J. Saotome
 
TestBed-Cyber-Security-Workshops
TestBed-Cyber-Security-WorkshopsTestBed-Cyber-Security-Workshops
TestBed-Cyber-Security-Workshops
Aaron Rinehart
 
Module 1 Introduction
Module 1 IntroductionModule 1 Introduction
Module 1 Introduction
leminhvuong
 

Was ist angesagt? (20)

CS8792 - Cryptography and Network Security
CS8792 - Cryptography and Network SecurityCS8792 - Cryptography and Network Security
CS8792 - Cryptography and Network Security
 
Cs8792 cns - unit v
Cs8792 cns - unit vCs8792 cns - unit v
Cs8792 cns - unit v
 
Computer security chapter 2: About Hacking
Computer security chapter 2: About Hacking Computer security chapter 2: About Hacking
Computer security chapter 2: About Hacking
 
Security in computer systems fundamentals
Security in computer systems fundamentalsSecurity in computer systems fundamentals
Security in computer systems fundamentals
 
Covert channels: A Window of Data Exfiltration Opportunities
Covert channels: A Window of Data Exfiltration Opportunities Covert channels: A Window of Data Exfiltration Opportunities
Covert channels: A Window of Data Exfiltration Opportunities
 
HACKERS ATTACK PROCESS
HACKERS ATTACK PROCESSHACKERS ATTACK PROCESS
HACKERS ATTACK PROCESS
 
ETHICAL HACKING
ETHICAL HACKINGETHICAL HACKING
ETHICAL HACKING
 
Network Security Topic 1 intro
Network Security Topic 1 introNetwork Security Topic 1 intro
Network Security Topic 1 intro
 
Cisel1 d
Cisel1 dCisel1 d
Cisel1 d
 
Ethical hacking11601031 (1)
Ethical hacking11601031 (1)Ethical hacking11601031 (1)
Ethical hacking11601031 (1)
 
What is Cryptography and Types of attacks in it
What is Cryptography and Types of attacks in itWhat is Cryptography and Types of attacks in it
What is Cryptography and Types of attacks in it
 
Certified Ethical Hacking - Book Summary
Certified Ethical Hacking - Book SummaryCertified Ethical Hacking - Book Summary
Certified Ethical Hacking - Book Summary
 
DRC -- Cybersecurity concepts2015
DRC -- Cybersecurity concepts2015DRC -- Cybersecurity concepts2015
DRC -- Cybersecurity concepts2015
 
TestBed-Cyber-Security-Workshops
TestBed-Cyber-Security-WorkshopsTestBed-Cyber-Security-Workshops
TestBed-Cyber-Security-Workshops
 
Cybersecurity, Hacking, and Privacy
Cybersecurity, Hacking, and Privacy Cybersecurity, Hacking, and Privacy
Cybersecurity, Hacking, and Privacy
 
Lesson plan ethical hacking
Lesson plan ethical hackingLesson plan ethical hacking
Lesson plan ethical hacking
 
Web security
Web securityWeb security
Web security
 
Module 1 Introduction
Module 1 IntroductionModule 1 Introduction
Module 1 Introduction
 
Cyber Security-Ethical Hacking
Cyber Security-Ethical HackingCyber Security-Ethical Hacking
Cyber Security-Ethical Hacking
 
Ethical hacking (legal)
Ethical hacking (legal)Ethical hacking (legal)
Ethical hacking (legal)
 

Ähnlich wie Ethical System Hacking- Cyber Training Diploma

Ähnlich wie Ethical System Hacking- Cyber Training Diploma (20)

Introduction to ethical hacking
Introduction to ethical hackingIntroduction to ethical hacking
Introduction to ethical hacking
 
Threat Hunting Professional Online Training Course
Threat Hunting Professional Online Training CourseThreat Hunting Professional Online Training Course
Threat Hunting Professional Online Training Course
 
Ethical hacking
Ethical hacking Ethical hacking
Ethical hacking
 
CEH-brochure.pdf
CEH-brochure.pdfCEH-brochure.pdf
CEH-brochure.pdf
 
Ethical hacking seminardk fas kjfdhsakjfh askfhksahf.pptx
Ethical hacking seminardk fas kjfdhsakjfh askfhksahf.pptxEthical hacking seminardk fas kjfdhsakjfh askfhksahf.pptx
Ethical hacking seminardk fas kjfdhsakjfh askfhksahf.pptx
 
The Threat Landscape & Network Security Measures
The Threat Landscape & Network Security MeasuresThe Threat Landscape & Network Security Measures
The Threat Landscape & Network Security Measures
 
Cyber Security
Cyber SecurityCyber Security
Cyber Security
 
Ethical Hacking
Ethical HackingEthical Hacking
Ethical Hacking
 
Network Security_4th Module_Dr. Shivashankar
Network Security_4th Module_Dr. ShivashankarNetwork Security_4th Module_Dr. Shivashankar
Network Security_4th Module_Dr. Shivashankar
 
Cyber Security
Cyber SecurityCyber Security
Cyber Security
 
Ethical Hacking justvamshi .pptx
Ethical Hacking justvamshi .pptxEthical Hacking justvamshi .pptx
Ethical Hacking justvamshi .pptx
 
Careers in Cyber Security
Careers in Cyber SecurityCareers in Cyber Security
Careers in Cyber Security
 
Cloud Security.pptx
Cloud Security.pptxCloud Security.pptx
Cloud Security.pptx
 
edCeh brochure
edCeh brochureedCeh brochure
edCeh brochure
 
Ethical Hacking Redefined
Ethical Hacking RedefinedEthical Hacking Redefined
Ethical Hacking Redefined
 
mille2.pptx
mille2.pptxmille2.pptx
mille2.pptx
 
Ethical hacking
Ethical hacking Ethical hacking
Ethical hacking
 
Cyber security for business
Cyber security for businessCyber security for business
Cyber security for business
 
Introduction to Ethical Hacking pdf file
Introduction to Ethical Hacking pdf fileIntroduction to Ethical Hacking pdf file
Introduction to Ethical Hacking pdf file
 
2014-09-03 Cybersecurity and Computer Crimes
2014-09-03 Cybersecurity and Computer Crimes2014-09-03 Cybersecurity and Computer Crimes
2014-09-03 Cybersecurity and Computer Crimes
 

Mehr von begmohsin

Mehr von begmohsin (7)

Skills you need to become a ethical hacker
Skills you need to become a ethical hackerSkills you need to become a ethical hacker
Skills you need to become a ethical hacker
 
Attackers process
Attackers processAttackers process
Attackers process
 
Enumeration and system hacking
Enumeration and system hackingEnumeration and system hacking
Enumeration and system hacking
 
How hackers collate information about employees
How hackers collate information about employees How hackers collate information about employees
How hackers collate information about employees
 
Types of hackers
Types of hackersTypes of hackers
Types of hackers
 
Ethical Hacking Tools & Techniques
Ethical Hacking Tools & Techniques Ethical Hacking Tools & Techniques
Ethical Hacking Tools & Techniques
 
Defend your organisation from Cyber Attacks
Defend your organisation from Cyber AttacksDefend your organisation from Cyber Attacks
Defend your organisation from Cyber Attacks
 

Kürzlich hochgeladen

TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data DiscoveryTrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc
 
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Jeffrey Haguewood
 
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMECloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Safe Software
 

Kürzlich hochgeladen (20)

ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemkeProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
 
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data DiscoveryTrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
 
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
 
EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWER
EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWEREMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWER
EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWER
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 
Polkadot JAM Slides - Token2049 - By Dr. Gavin Wood
Polkadot JAM Slides - Token2049 - By Dr. Gavin WoodPolkadot JAM Slides - Token2049 - By Dr. Gavin Wood
Polkadot JAM Slides - Token2049 - By Dr. Gavin Wood
 
Platformless Horizons for Digital Adaptability
Platformless Horizons for Digital AdaptabilityPlatformless Horizons for Digital Adaptability
Platformless Horizons for Digital Adaptability
 
CNIC Information System with Pakdata Cf In Pakistan
CNIC Information System with Pakdata Cf In PakistanCNIC Information System with Pakdata Cf In Pakistan
CNIC Information System with Pakdata Cf In Pakistan
 
Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...
Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...
Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...
 
"I see eyes in my soup": How Delivery Hero implemented the safety system for ...
"I see eyes in my soup": How Delivery Hero implemented the safety system for ..."I see eyes in my soup": How Delivery Hero implemented the safety system for ...
"I see eyes in my soup": How Delivery Hero implemented the safety system for ...
 
Apidays New York 2024 - APIs in 2030: The Risk of Technological Sleepwalk by ...
Apidays New York 2024 - APIs in 2030: The Risk of Technological Sleepwalk by ...Apidays New York 2024 - APIs in 2030: The Risk of Technological Sleepwalk by ...
Apidays New York 2024 - APIs in 2030: The Risk of Technological Sleepwalk by ...
 
Introduction to Multilingual Retrieval Augmented Generation (RAG)
Introduction to Multilingual Retrieval Augmented Generation (RAG)Introduction to Multilingual Retrieval Augmented Generation (RAG)
Introduction to Multilingual Retrieval Augmented Generation (RAG)
 
[BuildWithAI] Introduction to Gemini.pdf
[BuildWithAI] Introduction to Gemini.pdf[BuildWithAI] Introduction to Gemini.pdf
[BuildWithAI] Introduction to Gemini.pdf
 
Mcleodganj Call Girls 🥰 8617370543 Service Offer VIP Hot Model
Mcleodganj Call Girls 🥰 8617370543 Service Offer VIP Hot ModelMcleodganj Call Girls 🥰 8617370543 Service Offer VIP Hot Model
Mcleodganj Call Girls 🥰 8617370543 Service Offer VIP Hot Model
 
Six Myths about Ontologies: The Basics of Formal Ontology
Six Myths about Ontologies: The Basics of Formal OntologySix Myths about Ontologies: The Basics of Formal Ontology
Six Myths about Ontologies: The Basics of Formal Ontology
 
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMECloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
 
Strategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a FresherStrategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a Fresher
 
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, AdobeApidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
 
Exploring Multimodal Embeddings with Milvus
Exploring Multimodal Embeddings with MilvusExploring Multimodal Embeddings with Milvus
Exploring Multimodal Embeddings with Milvus
 
Vector Search -An Introduction in Oracle Database 23ai.pptx
Vector Search -An Introduction in Oracle Database 23ai.pptxVector Search -An Introduction in Oracle Database 23ai.pptx
Vector Search -An Introduction in Oracle Database 23ai.pptx
 

Ethical System Hacking- Cyber Training Diploma

  • 1. Ethical System Hacking – Training Diploma Course Module Descriptors UK Cyber Defence Academy www.tech-strategygroup.com
  • 2. Course Structure Unit 1: Introduction to Ethical Hacking Unit 2: Technical Processes of Hacking Unit 3: Footprint and Scanning Unit 4: Enumeration and System Hacking Unit 5: Fundamentals of Malware Threats Unit 6: Sniffers, Session Hijacking and Denial of Service Unit 7: Web Server Hacking, Web Applications and Database Hacking Unit 8: Wireless Technologies, Mobile Security and Attacks Unit 9: IDS, Firewalls and Honeypots
  • 3. Course Structure Unit 10: Physical Security and Social Engineering Unit 11: Cryptographic Attacks and Defences Unit 12: Cloud Computing and Botnets Unit 13: Fundamentals of Kali Linux Unit 14: Encryption Cracking Tools
  • 5. Learning Objectives • Develop broad understanding about the Security Fundamentals • Learn about the differences between ethical hackers and hackers • Develop understanding about the different types of hacking attacks • Develop understanding about the different types of security testing that is performed by ethical hackers: white box testing, grey box testing, black box testing, penetration testing • Develop understanding about system risks, threats and vulnerabilities • Learn how to conduct Quantitative Risk Assessments. • Learn about the different types of hackers such as white hat hackers, black hat hackers, grey hat hackers, suicide hackers. • Learn about the hacker’s workflow methodology with regards to reconnaissance and footprinting, scanning and enumeration, gaining access, maintaining access and covering trackers. • Learn about the technical skills and knowledge ethical hackers should possess to be effective in your role. • Develop detailed understanding about the ethical hacking methods with regards to information gathering, external penetration testing, internal penetration testing, network gear testing and DoS testing, wireless network testing, application testing and social engineering, physical security testing, authentication system testing, database testing, communication system testing. • Learn about US federal laws that ethical hackers must be aware with regards to cyber fraud, cyber breaches and PCI DSS Company compliance.
  • 7. Learning Objectives • Learn about the attacker’s process with regards to the following: Performing reconnaissance and footprinting, scanning and enumeration, gaining access, escalation of privilege and maintaining access and covering tracks. • Develop understanding about the most prominent security methodologies for security testing purposes • Develop understanding about the fundamentals of networking protocols and networking devices. • Develop understanding about the OSI Model and TCP/IP Layers: application, presentation, session, transport, network, data link and physical. • Learn about global application security and operation issues. • Develop understanding about the TCP packet structure, datagram fragmentation and how hackers manipulate packets
  • 9. Learning Objectives • Develop comprehensive understanding about the 7-step information gathering process with regards to footprinting mapping, mapping attack surface and exploring ways to penetrate external environments. • Learn how to identify active machines, open ports and access points and how to shut down TCP connection termination • Learn about the most popular scanning techniques and applications such as NMAP that can be used effectively. • Develop understanding about war driving, active fingerprint methods, fingerprinting services and how to explore open services • Learn how to map the network attack surface in depth
  • 10. Module 4 : Enumeration and System Hacking
  • 11. Learning Objectives • Develop understanding about enumeration, system hacking with regards to NetBIOS enumeration tools, Windows security, Linux Unix enumeration, NTP- SMTP enumeration, DNS enumeration, technical password attacks, automated password guessing, password sniffing, keylogging. • Learn how to exploit buffer overflow, access the SAM and the different types of windows authentication types. • Develop understanding about cracking windows passwords, hiding files and covering tracks, rootkit, ethical hacker response rootkit and file hiding.
  • 13. Learning Objectives • Develop comprehensive understanding about the different types of attacks with regards to viruses and worms • Learn about transmission methods of viruses, trojans its behaviour and characteristics, virus payload characteristics and the architecture component structure of viruses. • Develop understanding about cover communication, keystroke logging and spyware. • Learn about Malware countermeasures. • Develop understanding about trojan behaviours with regards to remote access, data hiding, e-banking, denial of service (DoS), proxy and ftp. • Learn about RAT trojans tools, wrapper binding programs, trojan ports and communication methods, trojan targets and infection mechanisms. • Develop understanding about the deployment of a trojan, covert communication and tunneling via the internet, application layer • Learn about keystroke logging and spyware, hardware keyloggers, software keyloggers, spyware and malware countermeasures • Develop understanding about how to detect malware, and the types of known techniques antivirus programs implement with regards to the following: signature scanning, heuristic scanning, integrity checking and activity blocking. • Learn about how to conduct malware analysis
  • 14. Module 6: Sniffers, Session Hijacking and Denial of Service
  • 15. Learning Objectives • Develop understanding about sniffers as hacking tools • Learn about the core fundamentals of session hijacking techniques and denial of service and distributed denial of service • Learn about the prominent types of sniffing tools that are used, passive sniffing, active sniffing, address resolution protocol (ARP) and ARP spoofing attacks • Develop understanding about ARP poisoning, MAC Flooding processes and how hackers launch server attacks on the DHCP servers • Develop understanding about MAC Spoofing, DNS spoofing and tools which ethical hackers can implement spoofing purpose • Learn about sniffing and spoofing countermeasures, session hijacking, transport layer hijacking and the lifecycle of a session hijack • Develop understanding of the detailed steps that are involved in how session hijack is used to manipulate the TCP start-up. • Learn how hackers can launch attacks through the following methods: session sniffing, predictable session token ID, man in the middle attacks, man in the browser attacks, client side attacks and session replay attacks. • Learn about the session hijacking attacks and tools that can be used by hackers and how to prevent session hijacking • Develop understanding about the role of DoS in the hacker’s methodology • Learn about the different types of techniques which can be incorporated in the DoS attacks such as the following: bandwidth attacks, SYN flood attacks, internet control message protocol (ICMP) attacks, peer to peer (P2P) attacks and application level attacks • Develop understanding of the countermeasures and best practices that can be implemented for DoS and DDOS attacks
  • 16. Unit 7: Fundamentals of Webserver Hacking, Web Applications and Database Attacks
  • 17. Learning Objectives • Develop comprehensive understanding about Web Server Hacking patterns, approaches and techniques • Understand the process of Web Application Hacking • Learn about the fundamentals of Database Hacking • Learn about the tools that hackers can employ when launching a webserver attack • Develop understanding about scanning webservers, banner grabbing and enumeration, website ripper tools and webserver vulnerability identification • Learn about the following types of webserver attacks: DoS/DDoS attacks , DNS server hijacking, DNS amplification attacks, Directory traversal, Man in the middle, Website defacement, Web server misconfiguration, HTTP response splitting and Web server password cracking • Learn about the following ways web applications can be attacked by hackers: Unvalidated Input, Parameter/form tampering, Injection flaws, Cross-site scripting, Cross-site request forgery attacks, Hidden field attacks, Attacking web-based authentication, Web-based password cracking, Web based authentication attacks, and intercepting web traffic. • Develop understanding about the most common authentication types: basic, message digest, certificate based, forms based • Learn about web application hacking and how hackers launch dictionary attacks, hybrid attacks, brute force attacks and the types of tools hackers can utilise. • Learn how hackers intercept web traffic and how to secure web applications using source scanners and relevant tools • Learn how database hacking occurs and the vulnerabilities which exist within SQL databases • Learn about the types of tools which can be incorporated to hack SQL Databases.
  • 18. This Photo by Unknown Author is licensed under CC BY-ND
  • 19. Learning Objectives • Learn about the diverse types of mobile phone technologies that can be hacked • Learn how mobile security violations happen and mobile attacks launched by hackers • Develop core understanding about the essentials of Wireless LANS • Develop understanding about the concerns with mobile platforms and global mobile security issues • Learn about security issues associated with android applications • Learn about the techniques and the types of tools that can be used for jail breaking apple iphone, windows, blackberry and android mobile applications • Learn about the tools which can be implemented to prevent hackers exploiting vulnerable mobile devices • Learn about the Bluetooth tools which can be used to attack Bluetooth security loopholes • Develop understanding about WLAN threats and issues • Develop understanding about evil twin attacks, denial of service (DoS), wireless hacking tools, and how to perform wireless traffic analysis. • Learn how to launch wireless attacks and prevent Wi Fi networks from being compromised and make wireless networks more secure • Learn how to build high level defence designs and develop understanding about wireless authentication
  • 20. Module 9: IDS, Firewalls and Honeypots This Photo by Unknown Author is licensed under CC BY-NC
  • 21. Learning Objectives • Develop understanding about the Intrusion Detection Systems that are used to detect malicious activity • Learn about Firewalls that exist amongst trusted and untrusted networks • Develop understanding about Honeypots and fake systems that are used to lure in attackers • Learn about the essential components of intrusion detection systems and pattern matching anomaly detection techniques • Learn about insertion attacks employed by hackers, overlapping fragments and TCP, Protocol ambiguities, session splicing, shellcode attacks and other form of IDS evasion techniques. • Develop understanding about the differences between the following types of firewalls: packet filters, application-level gateway, circuit-level gateway and stateful multilayer inspection • Learn about firewalking, banner grabbing, different types of honeypots and how to detect them.
  • 23. Learning Objectives • Develop understanding about the functions of Cryptography with regards to providing confidentiality, integrity, authenticity and non-repudiation • Learn about Algorithms, and the differences between asymmetric, symmetric and hashing algorithms • Develop understanding about the objectives of the Public Key Infrastructure (PKI and it’s communication and third-party trust • Develop broad understanding about Protocols, Standards and Applications with regards to Secure Shell, IPSec and PGP. • Learn about the hashing process, SHA-1 and how asymmetric encryptions implemented for confidentiality and integrity. • Develop understanding about steganography, steganogrpahic tools, steganalysis, digital watermark, PGP, SSH, SSL, IPSec, PPTP, EFS • Develop understanding about the following types of attacks carried out by hackers: Known plain text attack: cipher text only attack, Man in the middle attack, replay attack, side channel attack, chosen plan text attack and chosen ciper text attack
  • 25. Learning Objectives • Learn about the different types of threats to physical security • Develop understanding about the various types of physical controls which can be implemented to protect enterprises from hackers and thieves • Develop broad understanding about the different types of Social Engineering attacks and the various ways in how hackers manipulate people • Develop understanding about the common types of backup media and by passing techniques • Develop understanding about biometric systems, social engineering, person social engineering, computer based social engineering, phishing, social networking and targeted attacks.
  • 27. Learning Objectives • Develop understanding about the different types of cloud-based services • Learn about cloud deployment models and cloud computing models • Learn about the issues with cloud computing and the following types of cloud attacks: session hijackings, DNS attacks, cross site scripting (XSS), SQL injection and session riding, distributed denial of service (DDoS), man in the middle cryptographic attacks, side channel attacks, authentication attacks, wrapping attacks. • Develop understanding about cloud security control layers. • Learn about botnets and botnet architecture, botnet client server models, botnet peer to peer models. • Develop understanding about banking trojans, botnet countermeasures and techniques to build defences. • Learn how to create a botnet in order to achieve malicious gains
  • 29. Learning Objectives • Learn how to install Kali Linux on your network • Learn how to setup a virtual laboratory • Learn how to use information gathering tools in Kali Linux • Learn about vulnerability analysis tools and wireless attacks • Learn about penetration testing tools in Kali Linux • Learn about database tools, CMS scanning tools, forensic tools and exploitation Tools • Learn about social engineering toolkit, stressing tools, sniffing and spoofing Tools • Learn about password cracking tools, reverse engineering tools and reporting tools.
  • 31. Learning Objectives Learn about the following types of tools that you can implement as part of your workflow strategy when performing tasks as a Ethical Hacker: • Encryption Cracking tools • Cyber security Tools and Sites • Footprinting Tools • Competitive Intelligence • Tracking Online Reputation • Website Research • DNS and Whois Tools • Traceeroute Tools and Links
  • 32. Learning Objectives Learn about the following types of tools that you can implement as part of your workflow strategy when performing tasks as a Ethical Hacker: • Website Mirroring Tools and Sites • Google Hacking • Scanning and Enumeration Tools • System Hacking Tools • Cryptography and Encryption • Sniffing • Wireless Attacking • Trojans and Malware • Web Attacking Tools • SQL Injection Tools
  • 33. End