Certified Ethical Hacker | Course Outline Part 2


IT Training Scotland delivers over 4000 technical and application training courses to businesses & individuals throughout the UK each year. If you have a training requirement, simply fill in the form below and let our friendly & experienced members of staff take care of everything else. Our aim is to provide the best IT training service possible for your own specific requirements.


If you missed the first part of the Certified Ethical Hacker training course outlines, use the search.

As mentioned in the first part of our course outlines for the Certified Ethical Hacker, the outline for the CEH course is split in two to help out laptop users and to make the wall of text easier to digest for the rest of us.

If you are based anywhere in the UK and you are interested in sitting the Certified Ethical Hacker, please get in contact using the form on the right-hand side.

Certified Ethical Hacker Outline Part 2

Lesson 11: Social Engineering (DVD)

Lesson 12: Phishing (DVD)

Lesson 13: Hacking Email Accounts (DVD)

Lesson 14: Denial-of-Service

  • Real World Scenario of DoS Attacks
  • What are Denial-of-Service Attacks?
  • Goal of DoS
  • Impact and the Modes of Attack
  • Types of Attacks
  • DoS Attack Classification
  • Bot (Derived from the Word RoBOT)
  • What is a DDoS Attack?
  • DDoS Tools
  • Worms
  • How to Conduct a DDoS Attack
  • The Reflected DoS Attacks
  • Reflection of the Exploit
  • Countermeasures for Reflected DoS
  • DDoS Countermeasures
  • Taxonomy of DDoS Countermeasures
  • Preventing Secondary Victims
  • Detect and Neutralize Handlers
  • Detect Potential Attacks
  • DoSHTTP Tool
  • Mitigate or Stop the Effects of DDoS Attacks
  • Deflect Attacks
  • Post-attack Forensics
  • Packet Traceback

Lesson 15: Session Hijacking

  • What is Session Hijacking?
  • Spoofing vs. Hijacking
  • Steps in Session Hijacking
  • Types of Session Hijacking
  • Session Hijacking Levels
  • Network Level Hijacking
  • The 3-Way Handshake
  • TCP Concepts 3-Way Handshake
  • Sequence Numbers
  • TCP/IP hijacking
  • IP Spoofing - Source Routed Packets
  • RST Hijacking
  • Blind Hijacking
  • Man in the Middle - Packet Sniffer
  • UDP Hijacking
  • Application Level Hijacking
  • Programs that Perform Session Hacking
  • Dangers that Hijacking Poses
  • Protecting against Session Hijacking
  • Countermeasures – IPsec

Lesson 16: Hacking Web Servers

  • How Web Servers Work
  • How are Web Servers Compromised
  • Web Server Defacement
  • Attacks against IIS
  • Unicode
  • Hotfixes and Patches
  • Solution - UpdateExpert
  • Vulnerability Scanners
  • Online Vulnerability Search Engine
  • Network Tool - Whisker
  • Network Tool - N-Stealth HTTP Vulnerability Scanner
  • Hacking Tool - WebInspect
  • Network Tool - Shadow Security Scanner
  • Secure IIS
  • Countermeasures
  • Increasing Web Server Security
  • Web Server Protection Checklist

Lesson 17: Web Application Vulnerabilities

  • Web Application Setup
  • Web Application Hacking
  • Anatomy of an Attack
  • Web Application Threats
  • Cross-Site Scripting/XSS Flaws
  • SQL Injection
  • Command Injection Flaws
  • Cookie/Session Poisoning
  • Parameter/Form Tampering
  • Hidden Field at
  • Buffer Overflow
  • Directory Traversal/Forceful Browsing
  • Cryptographic Interception
  • Cookie Snooping
  • Authentication Hijacking
  • Log Tampering
  • Error Message Interception
  • Attack Obfuscation
  • Platform Exploits
  • DMZ Protocol Attacks
  • Security Management Exploits
  • TCP Fragmentation
  • Hacking Tools

Lesson 18: Web-Based Password Cracking Techniques

  • Authentication - Definition
  • Authentication Mechanisms
  • Bill Gates at the RSA Conference 2006
  • How to Select a Good Password
  • Things to Avoid in Passwords
  • Changing Your Password
  • Protecting Your Password
  • Examples of Bad Passwords
  • The “Mary Had A Little Lamb” Formula
  • How Hackers Get Hold of Passwords
  • Windows XP - Remove Saved Passwords
  • What is a Password Cracker?
  • Modus Operandi of an Attacker Using a Password Cracker
  • How Does a Password Cracker Work?
  • Attacks - Classification
  • Password Crackers Available
  • Countermeasures

Lesson 19: SQL Injection

  • What is SQL Injection?
  • Exploiting Web Applications
  • Steps for performing SQL injection
  • What You Should Look For
  • What If It Doesn’t Take Input
  • OLE DB Errors
  • Input Validation Attack
  • SQL injection Techniques
  • How to Test for SQL Injection Vulnerability
  • How Does It Work?
  • BadLogin.aspx.cs
  • BadProductList.aspx.cs
  • Executing Operating System Commands
  • Getting Output of SQL Query
  • Getting Data from the Database Using ODBC Error Message
  • How to Mine all Column Names of a Table
  • How to Retrieve any Data
  • How to Update/Insert Data into Database
  • SQL Injection in Oracle
  • SQL Injection in MySQL Database
  • Attacking Against SQL Servers
  • SQL Server Resolution Service (SSRS)
  • Osql -L Probing
  • SQL Injection Automated Tools
  • Blind SQL Injection
  • SQL Injection Countermeasures
  • Preventing SQL Injection Attacks
  • GoodLogin.aspx.cs
  • SQL Injection Blocking Tool - SQL Block
  • Acunetix Web Vulnerability Scanner

Lesson 20: Hacking Wireless Networks

  • Introduction to Wireless
  • Wireless Standards
  • Wireless Concepts and Devices
  • WEP and WPA
  • Attacks and Hacking Tools
  • Scanning Tools
  • Sniffing Tools
  • Hacking Wireless Networks
  • Wireless Security
  • Wireless Security Tools

Lesson 21: Physical Security (DVD)

Lesson 22: Linux Hacking

  • Why Linux?
  • Linux Distributions
  • Linux Live CD-ROMs
  • Basic Commands of Linux: Files & Directories
  • Directories in Linux
  • Installing, Configuring, and Compiling Linux Kernel
  • How to Install a Kernel Patch
  • Compiling Programs in Linux
  • GCC Commands
  • Make Files
  • Make Install Command
  • Linux Vulnerabilities
  • Chrooting
  • Why is Linux Hacked?
  • How to Apply Patches to Vulnerable Programs
  • Scanning Networks
  • Nmap in Linux
  • Scanning Tool: Nessus
  • Port Scan Detection Tools
  • Password Cracking in Linux: Xcrack
  • Firewall in Linux: IPTables
  • IPTables Command
  • Basic Linux Operating System Defense
  • SARA (Security Auditor’s Research Assistant)
  • Linux Tools
  • Hacking Tools
  • Linux Rootkits
  • Linux Security Auditing Tool (LSAT)
  • Linux Security Countermeasures
  • Steps for Hardening Linux

Lesson 23: Evading IDS, Firewalls and Detecting Honey Pots

  • Introduction to Intrusion Detection System
  • Terminologies
  • Intrusion Detection System (IDS)
  • What is a Firewall?
  • Common Tool for Testing Firewall and IDS
  • What is a Honeypot?
  • Tools to Detect Honeypots
  • What to do when hacked

Lesson 24: Buffer Overflows

  • Why are Programs/Applications Vulnerable?
  • Buffer Overflows
  • Reasons for Buffer Overflow Attacks
  • Knowledge Required to Program Buffer Overflow Exploits
  • Understanding Stacks
  • Understanding Heaps
  • Types of Buffer Overflows: Stack-based Buffer Overflow
  • Types of Buffer Overflows: Heap-based Buffer Overflow
  • Understanding Assembly Language
  • How to Detect Buffer Overflows in a Program
  • NOPs
  • How to Mutate a Buffer Overflow Exploit
  • Once the Stack is Smashed
  • Defense Against Buffer Overflows
  • Buffer Overflow Protection Solution: Libsafe
  • Simple Buffer Overflow in C

Lesson 25: Cryptography

  • Introduction to Cryptography
  • Classical Cryptographic Techniques
  • Cryptographic Algorithms
  • Data Encryption Standard (DES)
  • SHA (Secure Hash Algorithm)
  • SSL (Secure Sockets Layer)
  • What is SSH?
  • Algorithms and Security
  • Disk Encryption
  • Government Access to Keys (GAK)
  • Digital Signature
  • Digital Certificates
  • Advanced File Encryptor
  • Code Breaking Methodologies
  • Cracking S/MIME Encryption Using Idle CPU Time
  • Use of Cryptography

Lesson 26: Penetration Testing (DVD)

Lesson 27: Macintosh Hacking (Lesson 34 on DVD)

Lesson 28: Hacking Routers, Cable Modems and Firewalls (Lesson 35 on DVD)

Lesson 29: Hacking Mobile Phones, PDA and Handheld Devices (Lesson 36 on DVD)

Lesson 30: Bluetooth Hacking (Lesson 37 on DVD)

Lesson 31: VoIP Hacking (Lesson 38 on DVD)

Lesson 32: RFID Hacking (Lesson 39 on DVD)

Lesson 33: Spamming (Lesson 40 on DVD)

Lesson 34: Hacking USB Devices (Lesson 41 on DVD)

Lesson 35: Hacking Database Servers (Lesson 42 on DVD)

Lesson 36: Cyber Warfare- Hacking, Al-Qaida and Terrorism (Lesson 43 on DVD)

Lesson 37: Internet Content Filtering Techniques (Lesson 44 on DVD)

Lesson 38: Privacy on the Internet (Lesson 45 on DVD)

Lesson 39: Securing Laptop Computers (Lesson 46 on DVD)

Lesson 40: Spying Technologies (Lesson 47 on DVD)

Lesson 41: Corporate Espionage- Hacking Using Insiders (Lesson 48 on DVD)

Lesson 42: Creating Security Policies (Lesson 49 on DVD)

Lesson 43: Software Piracy and Warez (Lesson 50 on DVD)

Lesson 44: Hacking and Cheating Online Games (Lesson 51 on DVD)

Lesson 45: Hacking RSS and Atom (Lesson 52 on DVD)

Lesson 46: Hacking Web Browsers (Firefox, IE) (Lesson 53 on DVD)

Lesson 47: Proxy Server Technologies (Lesson 54 on DVD)

Lesson 48: Data Loss Prevention (Lesson 55 on DVD)

Lesson 49: Hacking Global Positioning System (GPS) (Lesson 56 on DVD)

Lesson 50: Computer Forensics and Incident Handling (Lesson 57 on DVD)

Lesson 51: Lesson Labs

That concludes this outline on security IT training for the Certified Ethical Hacker training course.
