Certified Ethical Hacker (CEH)
Descrizione
L'edizione in partenza il 17 ottobre si svolgerà nei giorni 17, 18, 19, 24 e 25 ottobre
Dalla sua creazione nel 2003, il corso Certified Ethical Hacker si è ampiamente diffuso nel mondo, si tratta di una certificazione riconosciuta e accreditata in conformità ANSI 17024, che dà credibilità e valore aggiunto ai membri certificati.
È stato aggiornato per fornire agli studenti gli strumenti e le tecniche utilizzate da hackers e professionisti della sicurezza, allo scopo di poter entrare in qualsiasi sistema informativo. È ora disponibile in versione 11.
Il programma farà immedesimare i partecipanti “nella mentalità dell’Hacker”, cioè insegnerà a pensare come un Hacker e difendersi meglio.
Gli studenti comprenderanno come scansionare, testare e proteggere un sistema.
Il corso copre le 5 fasi dell’Ethical Hacking: “Reconnaissance, Gaining Access, Enumeration, Maintaining Access and Covering your tracks”
Target
Questa formazione si rivolge ai responsabili sicurezza, agli auditor, ai professionisti della sicurezza, agli amministratori di siti ma anche a tutte le persone coinvolte nelle problematiche di stabilità dei sistemi informativi.
Prerequisiti
- Conoscenza di base del protocollo TCP/IP.
- Conoscenza di base dei sistemi operativi Windows.
- Conoscenza di base dei sistemi operativi Linux.
Programma Corso
Module 01: Introduction to Ethical Hacking
- Information Security Overview
- Cyber Kill Chain Concepts
- Hacking Concepts
- Ethical Hacking Concepts
- Information Security Controls
- Information Security Laws and Standards
Module 02: Footprinting and Reconnaissance
- Footprinting Concepts
- What is Footprinting?
- Footprinting through Search Engines
- Footprinting through Search Engines
- Footprint Using Advanced Google Hacking Techniques
- Google Hacking Database
- VoIP and VPN Footprinting through Google Hacking Database
- Other Techniques for Footprinting through Search Engines
- Footprinting through Web Services
- Footprinting through Social Networking Sites
- Website Footprinting
- Email Footprinting
- Whois Footprinting
- DNS Footprinting
- Network Footprinting
- Footprinting through Social Engineering
- Footprinting Tools
- Footprinting Countermeasures
Module 03: Scanning Networks
- Network Scanning Concepts
- Scanning Tools
- Host Discovery
- Port and Service Discovery
- OS Discovery (Banner Grabbing/OS Fingerprinting)
- Scanning Beyond IDS and Firewall
- Draw Network Diagrams
Module 04: Enumeration
- Enumeration Concepts
- NetBIOS Enumeration
- SNMP Enumeration
- LDAP Enumeration
- NTP and NFS Enumeration
- SMTP and DNS Enumeration
- Other Enumeration Techniques
- Enumeration Countermeasures
Module 05: Vulnerability Analysis
- Vulnerability Assessment Concepts
- Vulnerability Classification and Assessment Types
- Vulnerability Assessment Solutions and Tools
- Vulnerability Assessment Reports
Module 06: System Hacking
- System Hacking Concepts
- Gaining Access
- Escalating Privileges
- Maintaining Access
- Clearing Logs
Module 07: Malware Threats
- Malware Concepts
- APT Concepts
- Trojan Concepts
- Virus and Worm Concepts
- Malware Analysis
- Countermeasures
- Anti-Malware Software
Module 08: Sniffing
- Sniffing Concepts
- Sniffing Technique: MAC Attacks
- Sniffing Technique: DHCP Attacks
- Sniffing Technique: ARP Poisoning
- Sniffing Technique: Spoofing Attacks
- Sniffing Technique: DNS Poisoning
- Sniffing Tools
- Countermeasures
- Sniffing Detection Techniques
Module 09: Social Engineering
- Social Engineering Concepts
- Social Engineering Techniques
- Insider Threats
- Impersonation on Social Networking Sites
- Identity Theft
- Countermeasures
Module 10: Denial-of-Service
- DoS/DDoS Concepts
- DoS/DDoS Attack Techniques
- Botnets
- DDoS Case Study
- DoS/DDoS Attack Tools
- Countermeasures
- DoS/DDoS Protection Tools
Module 11: Session Hijacking
- Session Hijacking Concepts
- Application Level Session Hijacking
- Network Level Session Hijacking
- Session Hijacking Tools
- Countermeasures
Module 12: Evading IDS, Firewalls, and Honeypots
- IDS, IPS, Firewall, and Honeypot Concepts
- IDS, IPS, Firewall, and Honeypot Solutions
- Evading IDS
- IDS/Firewall Evading Tools
- Detecting Honeypots
- IDS/Firewall Evasion Countermeasures
Module 13: Hacking Web Servers
- Web Server Concepts
- Web Server Attacks
- Web Server Attack Methodology
- Web Server Attack Tools
- Countermeasures
- Patch Management
- Web Server Security Tools
Module 14: Hacking Web Applications
- Web Application Concepts
- Web Application Threats
- Web Application Hacking Methodology
- Web API, Webhooks, and Web Shell
- Web Application Security
Module 15: SQL Injection
- SQL Injection Concepts
- Types of SQL Injection
- SQL Injection Methodology
- SQL Injection Tools
- Evasion Techniques
- Countermeasures
Module 16: Hacking Wireless Networks
- Wireless Concepts
- Wireless Encryption
- Wireless Threats
- Wireless Hacking Methodology
- Wireless Hacking Tools
- Bluetooth Hacking
- Countermeasures
- Wireless Security Tools
Module 17: Hacking Mobile Platforms
- Mobile Platform Attack Vectors
- Hacking Android OS
- Hacking iOS
- Mobile Device Management
Module 18: IoT and OT Hacking
- IoT Hacking IoT Concepts
- IoT Attacks
- IoT Hacking Methodology
- IoT Hacking Tools
- Countermeasures
- OT Hacking OT Concepts
- OT Attacks
- OT Hacking Methodology
- OT Hacking Tools
- Countermeasures
Module 19: Cloud Computing
- Cloud Computing Concepts
- Container Technology
- Serverless Computing
- Cloud Computing Threats
- Cloud Hacking
- Cloud Security
Module 20: Cryptography
- Cryptography Concepts
- Encryption Algorithms
- Cryptography Tools
- Public Key Infrastructure (PKI)
- Email Encryption
- Disk Encryption
- Cryptanalysis
- Countermeasures
Certificazione
Titolo dell’esame: Certified Ethical Hacker (ANSI)
Codice dell’esame: 312-50
Numero di domande: 125 COM
Durata: 4 ore
Disponibilità: VUE / ECCEXAM
Opzione: RPS
Note
L'iscrizione al corso include:
- materiali didattici ufficiali EC-Council fruibili in formato elettronico con accesso individuale:
- laboratori remoti
- il voucher per sostenere l'esame di certificazione