Certified Ethical Hacker (CEH)

Certified Ethical Hacker (CEH)

  • Codice
    DT0100
  • Prezzo
    3.390,00 €
  • Durata
    5 gg
  • In Promozione
Acquista Data - Modalità Promo Data Conf.
11/07/2022 - Online 2.373,00 €
17/10/2022 - Online 0,00 €

Descrizione

L'edizione in partenza il 17 ottobre si svolgerà nei giorni 17, 18, 19, 24 e 25 ottobre

Dalla sua creazione nel 2003, il corso Certified Ethical Hacker si è ampiamente diffuso nel mondo, si tratta di una certificazione riconosciuta e accreditata in conformità ANSI 17024, che dà credibilità e valore aggiunto ai membri certificati.

È stato aggiornato per fornire agli studenti gli strumenti e le tecniche utilizzate da hackers e professionisti della sicurezza, allo scopo di poter entrare in qualsiasi sistema informativo. È ora disponibile in versione 11.

Il programma farà immedesimare i partecipanti “nella mentalità dell’Hacker”, cioè insegnerà a pensare come un Hacker e difendersi meglio.
Gli studenti comprenderanno come scansionare, testare e proteggere un sistema.

Il corso copre le 5 fasi dell’Ethical Hacking: “Reconnaissance, Gaining Access, Enumeration, Maintaining Access and Covering your tracks”

Target

Questa formazione si rivolge ai responsabili sicurezza, agli auditor, ai professionisti della sicurezza, agli amministratori di siti ma anche a tutte le persone coinvolte nelle problematiche di stabilità dei sistemi informativi.

Prerequisiti

  • Conoscenza di base del protocollo TCP/IP.
  • Conoscenza di base dei sistemi operativi Windows.
  • Conoscenza di base dei sistemi operativi Linux.

Programma Corso

Module 01: Introduction to Ethical Hacking

  • Information Security Overview
  • Cyber Kill Chain Concepts
  • Hacking Concepts
  • Ethical Hacking Concepts
  • Information Security Controls
  • Information Security Laws and Standards

Module 02: Footprinting and Reconnaissance

  • Footprinting Concepts
  • What is Footprinting?
  • Footprinting through Search Engines
  • Footprinting through Search Engines
  • Footprint Using Advanced Google Hacking Techniques
  • Google Hacking Database
  • VoIP and VPN Footprinting through Google Hacking Database
  • Other Techniques for Footprinting through Search Engines
  • Footprinting through Web Services
  • Footprinting through Social Networking Sites
  • Website Footprinting
  • Email Footprinting
  • Whois Footprinting
  • DNS Footprinting
  • Network Footprinting
  • Footprinting through Social Engineering
  • Footprinting Tools
  • Footprinting Countermeasures

Module 03: Scanning Networks

  • Network Scanning Concepts
  • Scanning Tools
  • Host Discovery
  • Port and Service Discovery
  • OS Discovery (Banner Grabbing/OS Fingerprinting)
  • Scanning Beyond IDS and Firewall
  • Draw Network Diagrams

Module 04: Enumeration

  • Enumeration Concepts
  • NetBIOS Enumeration
  • SNMP Enumeration
  • LDAP Enumeration
  • NTP and NFS Enumeration
  • SMTP and DNS Enumeration
  • Other Enumeration Techniques
  • Enumeration Countermeasures

Module 05: Vulnerability Analysis

  • Vulnerability Assessment Concepts
  • Vulnerability Classification and Assessment Types
  • Vulnerability Assessment Solutions and Tools
  • Vulnerability Assessment Reports

Module 06: System Hacking

  • System Hacking Concepts
  • Gaining Access
  • Escalating Privileges
  • Maintaining Access
  • Clearing Logs

Module 07: Malware Threats

  • Malware Concepts
  • APT Concepts
  • Trojan Concepts
  • Virus and Worm Concepts
  • Malware Analysis
  • Countermeasures
  • Anti-Malware Software

Module 08: Sniffing

  • Sniffing Concepts
  • Sniffing Technique: MAC Attacks
  • Sniffing Technique: DHCP Attacks
  • Sniffing Technique: ARP Poisoning
  • Sniffing Technique: Spoofing Attacks
  • Sniffing Technique: DNS Poisoning
  • Sniffing Tools
  • Countermeasures
  • Sniffing Detection Techniques

Module 09: Social Engineering

  • Social Engineering Concepts
  • Social Engineering Techniques
  • Insider Threats
  • Impersonation on Social Networking Sites
  • Identity Theft
  • Countermeasures

Module 10: Denial-of-Service

  • DoS/DDoS Concepts
  • DoS/DDoS Attack Techniques
  • Botnets
  • DDoS Case Study
  • DoS/DDoS Attack Tools
  • Countermeasures
  • DoS/DDoS Protection Tools

Module 11: Session Hijacking

  • Session Hijacking Concepts
  • Application Level Session Hijacking
  • Network Level Session Hijacking
  • Session Hijacking Tools
  • Countermeasures

Module 12: Evading IDS, Firewalls, and Honeypots

  • IDS, IPS, Firewall, and Honeypot Concepts
  • IDS, IPS, Firewall, and Honeypot Solutions
  • Evading IDS
  • IDS/Firewall Evading Tools
  • Detecting Honeypots
  • IDS/Firewall Evasion Countermeasures

Module 13: Hacking Web Servers

  • Web Server Concepts
  • Web Server Attacks
  • Web Server Attack Methodology
  • Web Server Attack Tools
  • Countermeasures
  • Patch Management
  • Web Server Security Tools

Module 14: Hacking Web Applications

  • Web Application Concepts
  • Web Application Threats
  • Web Application Hacking Methodology
  • Web API, Webhooks, and Web Shell
  • Web Application Security

Module 15: SQL Injection

  • SQL Injection Concepts
  • Types of SQL Injection
  • SQL Injection Methodology
  • SQL Injection Tools
  • Evasion Techniques
  • Countermeasures

Module 16: Hacking Wireless Networks

  • Wireless Concepts
  • Wireless Encryption
  • Wireless Threats
  • Wireless Hacking Methodology
  • Wireless Hacking Tools
  • Bluetooth Hacking
  • Countermeasures
  • Wireless Security Tools

Module 17: Hacking Mobile Platforms

  • Mobile Platform Attack Vectors
  • Hacking Android OS
  • Hacking iOS
  • Mobile Device Management

Module 18: IoT and OT Hacking

  • IoT Hacking IoT Concepts
  • IoT Attacks
  • IoT Hacking Methodology
  • IoT Hacking Tools
  • Countermeasures
  • OT Hacking OT Concepts
  • OT Attacks
  • OT Hacking Methodology
  • OT Hacking Tools
  • Countermeasures

Module 19: Cloud Computing

  • Cloud Computing Concepts
  • Container Technology
  • Serverless Computing
  • Cloud Computing Threats
  • Cloud Hacking
  • Cloud Security

Module 20: Cryptography

  • Cryptography Concepts
  • Encryption Algorithms
  • Cryptography Tools
  • Public Key Infrastructure (PKI)
  • Email Encryption
  • Disk Encryption
  • Cryptanalysis
  • Countermeasures

Certificazione

Titolo dell’esame: Certified Ethical Hacker (ANSI)
Codice dell’esame: 312-50
Numero di domande: 125 COM
Durata: 4 ore
Disponibilità: VUE / ECCEXAM
Opzione: RPS

Note

L'iscrizione al corso include:

  • materiali didattici ufficiali EC-Council fruibili in formato elettronico con accesso individuale:
  • laboratori remoti
  • il voucher per sostenere l'esame di certificazione