|
Anti-Hacking Certificate for Managers
This 2 day Anti-Hacking Certificate class teaches IT
& Computer Security Professionals how to be an Ethical Hacker
while defending your network from malicious software like Trojans,
viruses and phishing attempts. In this class you will see 15+
network & computer security tools demo'ed. You'll learn: Network
Penetration Testing & Ethical Hacking, Firewall VPN best practices,
understand how Viruses and Trojans get on your network and how
to, with effective Patch Management, mitigate risk. Including,
how to stop buffer overflows by writing secure code. Lastly, this
class shows you how to do computer investigations without compromising
your data.
Who should attend:
CIO's, Network Managers, Operations Managers, IT Security Auditor's,
IT Auditors, Bank Examiners.
Course Fee: $1,195
Time: 8:30am 4:30pm
Learning Level: Beginner to Intermediate
Prerequisites: Familiar with Windows based computers
CPE Credits: 16
Instructor: TBA
Request
Class Dates or In-House Training of Classes.
Ethical Hacking - Gather the Data - You'll uncover
the hackers' favorite penetration techniques and how to protect
against them.
Ethical Hacker - Ethics and Legality
* What is an Exploit?
* The security functionality triangle
* The attacker's process
* Passive reconnaissance
* Active reconnaissance
* Types of attacks
* Categories of exploits
* Goals attackers try to achieve
* Ethical hackers and crackers - who are they
* Self proclaimed ethical hacking
* Skills required for ethical hacking Categories of Ethical Hackers
* What do Ethical Hackers do?
* Security evaluation plan
* Types of Ethical Hacks
* Testing Types
* Ethical Hacking Report
* Cyber Security Enhancement Act of 2002
* Computer Crimes
* Hacking Punishment
Ethical Hacker: Footprinting
* What is Footprinting
* Steps for gathering information
* Whois
* http://tucows.com
* Hacking Tool: Sam Spade
* Analyzing Whois output
* NSLookup
* Finding the address range of the network
* ARIN
* Traceroute
* Hacking Tool: NeoTrace
* Visual Route
* Visual Lookout
* Hacking Tool: Smart Whois
* Hacking Tool: eMailTracking Pro
* Hacking Tool: MailTracking.com
Ethical Hacker: Scanning
* Determining if the system is alive?
* Active stack fingerprinting
* Passive stack fingerprinting
* Hacking Tool: Pinger
* Hacking Tool: Friendly Pinger
* Hacking Tools
* Detecting Ping sweeps
* ICMP Queries
* Hacking Tool: netcraft.com
* Port Scanning
* TCPs 3-way handshake
* TCP Scan types
* Hacking Tool: IPEye
* Hacking Tool: IPSECSCAN
* Hacking Tool: nmap
* Port Scan countermeasures
* Hacking Tool: HTTrack Web Copier
* Network Management Tools
* SolarWinds Toolset
* NeoWatch
* War Dialing
* Proxy Servers
* Hacking Tool: SocksChain
* Surf the web anonymously
* TCP/IP through HTTP Tunneling
* Hacking Tool: HTTPort
* Hacking Tool: Tunneld
* Hacking Tool: BackStealth
* Find & fix web server vulnerabilities
* Data mining authentication information
* Hacking by brute forcing remotely
Defend your networks against unauthorized access and
denial-of-service attacks at the permiter.
* You will examine the weaknesses of firewall architectures
* Securing mail with VPN
* Examine e-shoplifting
* Hack SSL-enabled sites
The impact of Zero-day viruses to are nothing compared
to Trojans.
* What is a Trojan Horse?
* Overt and Covert
* BoSniffer
* Hacking Tool: NetBus
* ComputerSpy Key Logger
* Hacking Tool: Beast Trojan
* Wrappers
* Hacking Tool: Whack a Mole Trojan Construction Kit
* Writing Trojans in Java
* Covert Channels
* ICMP Tunneling
* Reverse WWW Shell
* Backdoor Countermeasures
* BO Startup and Registry Entries
* NetBus Startup and Registry Keys
* Port Monitoring Tools
* fPort
* TCPView
* Process Viewer
* Inzider - Tracks Processes and Ports
* Trojan Maker
* Man-in-the-Middle Attack
* Hacking Tool: dsniff
* System File Verification
* TripWire
How to detect the crime, track the criminal, and assemble
the evidence.
Computer Forensics and Investigations as a Profession
* Understanding Computer Forensics
* Comparing Definitions of Computer Forensics
* Exploring a Brief History of Computer Forensics
* Developing Computer Forensics Resources
* Preparing for Computing Investigations
* Understanding Enforcement Agency Investigations
* Understanding Corporate Investigations
* Maintaining Professional Conduct
Understanding Computer Investigations
* Preparing a Computer Investigation
* Examining a Computer Crime
* Examining a Company-Policy Violation
* Taking a Systematic Approach
* Assessing the Case
* Planning Your Investigation
* Securing Your Evidence
* Understanding Data-Recovery Workstations and Software
* Setting Up Your Workstation for Computer Forensics
* Executing an Investigation
* Gathering the Evidence
* Copying the Evidence Disk
* Analyzing Your Digital Evidence
* Completing the Case
* Critiquing the Case
Some of the penetration or anti- hacking concepts you will see
during this class
o Attacking network infrastructure devices
o Hacking by brute forcing remotely
o Security testing methodologies
o Security exploit testing with IMPACT from Core Security
o Stealthy network recon
o Remote root vulnerability exploitation
o Multi-OS banner grabbing
o Privilege escalation hacking
o Unauthorized data extraction
o Breaking IP-based ACLs via spoofing
o Evidence removal and anti-forensics
o Hacking Web Applications
o Breaking into databases with SQL Injection
o Cross Site Scripting hacking
o Remote access trojan hacking
o Offensive sniffing
o Justifying a penetration test to management and customers
o Defensive techniques
Instructor-led demo exercises
o Abusing DNS for host identification
o Leaking system information from Unix and Windows
o Stealthy Recon
o Unix, Windows and Cisco password cracking
o Remote buffer overflow exploit lab I – Stack mashing
o Remote heap overflow exploit lab - Beyond the Stack
o Desktop exploitation
o Remote keylogging
o Data mining authentication information from clear-text protocols
o Remote sniffing
o Malicious event log editing
o Transferring files through firewalls
o Hacking into Cisco routers
o Harvesting web application data
o Data retrieval with SQL Injection Hacking
Request
Class Dates or In-House Training of Classes.
|