A Certified Ethical Hacker is a skilled professional who understands and knows how to look for weaknesses and vulnerabilities in target systems and uses the same knowledge and tools as a malicious hacker, but in a lawful and legitimate manner to assess the security posture of a target system(s). The CEH credential certifies individuals in the specific network security discipline of Ethical Hacking from a vendor-neutral perspective.
Certified Ethical Hacker (CEH)
CEH is a comprehensive Ethical Hacking and Information Systems Security Auditing program focusing on latest security threats, advanced attack vectors and practical, real-time demonstration of latest hacking techniques, methodologies, tools, tricks and security measures. Unlike other theoretical trainings, you will be immersed in interactive sessions and there will be hands-on lab. You can explore the newly gained knowledge right away in your classroom by trying to test, hack and secure your systems. The lab intensive environment glves you in-depth knowledge and practical experience of the current essential security systems.
The Certified Ethical Hacker program is the most desired information security training program any information security professional will ever want to be in. To master the hacking technologies, you will need to become one, but an ethical one! The accredited course provides the advanced hacking tools and techniques used by hackers and information security professionals alike to break into an organization. As we put it, “To beat a hacker, you need to think like a hacker”.
This course will immerse you into the Hacker Mindset so that you will be able to defend against future attacks. The security mindset in any organization must not be limited to the silos of a certain vendor, technologies or pieces of equipment.
This ethical hacking course puts you in the driver’s seat of a hands-on environment with a systematic process. Here, you will be exposed to an entirely different way of achieving optimal information security posture in their organization; by hacking it! You will scan, test, hack and secure your own systems. You will be taught the five phases of ethical hacking and the ways to approach your target and succeed at breaking in every time! The five phases include Reconnaissance, Gaining Access, Enumeration, Maintaining Access, and covering your tracks.
- This comprehensive ethical hacking course covers 18 of the most relevant security domains of the contemporary InfoSec space. These domains are dealt with in dedicated modules, cumulatively covering 270 attack techniques, commonly used by hackers.
- Our security experts have designed over 140 labs for the course which mimic real-time scenarios to give you the taste of the actual threats and attacks. The course also provides access to over 2200 commonly used hacking tools to familiarize you with the tools Of the trade of hackers word wide.
- CEH focuses on the latest hacking attacks targeted to mobile platform, tablet computer and cloud and, covers countermeasures to secure mobile and cloud infrastructure,
- CEH certified members will receive their certification bearing the ANSI stamp of quality.
- CEH iLabs (subscription based) - Students now can dynamically access a host of Virtual Machines preconfigured with vulnerabilities, exploits, tools, and scripts from anywhere with an internet connection. This is a cloud based subscription service from EC-Council designed to deliver serious hands on practice for the information security professional.
The cloud portal enables a course participant to launch an entire range Of target machines and access them remotely with just a few clicks. It is the most cost effective, easy to use, ive range lab solution available globally today.
Who should attend?
This course will significantly benefit security professionals, security Officers, auditors, site administrators, web programmers and anyone who is concerned about the integrity of the network infrastructure.
Course Duration: 40 Hours/ 5 Days
Exam Information:
Exam Questions: 125 Questions
Exam Duration: 4 Hours
Passing Score: 70%
Module 1: Introduction to Ethical Hacking
- Information security overview
- Information security threats and attack vectors
- Hacking concepts
- Ethical hacking concepts
- Information Security Controls
- Penetration testing concepts
- Information security laws and standards
Module 2: Footprinting and Reconnaissance
- Footprinting concepts
- Footprinting through Search Engines
- Footprinting through Web Services
- Footprinting through Social Networking sites
- Website footprinting
- Email footprinting
- Competitive Intelligence
- WHOIS Footprinting
- DNS footprinting
- Network footprinting
- Footprinting through social engineering
- Footprinting tools
- Countermeasures
- Footprinting pen testing
Module 3: Scanning Networks
- Network scanning concepts
- Scanning tools
- Scanning techniques
- Scanning beyond IDS and firewall
- Banner grabbing
- Draw network diagrams
- Scanning pen test
Module 4: Enumeration
- Enumeration concepts
- NetBIOS Enumeration
- SNMP Enumeration
- LDAP Enumeration
- NTP Enumeration SMTP and DNS Enumeration
- Other enurmeration techniques
- Enumeration countermeasures
- Enumeration pen testing
Module 5: Vulnerability Analysis
- Vulnerability assessment concepts
- Vulnerability assessment solutions
- Vulnerability scoring systems
- Vulnerability assessment tools
- Vulnerability assessment reports
Module 6: System Hacking
- System hacking concepts
- Cracking passwords
- Escalating privileges
- Executing applications
- Hiding files
- Covering tracks
- Penetration testing
Module 7: Malware Threats
- Malware concepts
- Trojan concepts
- Virus and worm concepts
- Malware analysis
- Countermeasures
- Anti-Malware software
- Malware penetration testing
Module 8: Sniffing
- Sniffing concepts
- Sniffing techniques: MAC Attacks
- Sniffing techniques: DHCP attacks
- Sniffing techniques: ARP Poisoning
- Sniffing techniques: Spoofing attacks
- Sniffing techniques: DNS poisoning
- Sniffing tools
- COuntermeasures
- Sniffing detection techniques
- Sniffing pen testing
Module 9: Social Engineering
- Social engineering concepts
- Social engineering techniques
- Insider threats
- Impersonation on social networking sites
- Identity theft
- Countermeasures
- Social engineering pen testing
Module 10: Denial of Service
- DoS/DDos Concepts
- DoS/DDoS attack techniques
- Botnets
- DDoS case study
- DoS/DDoS attack tools
- Countermeasures
- DoS/DDos protection tools
- DoS/DDoS penetration testing
Module 11: Session Hijacking
- Session hijacking concepts
- Application level session hijacking
- Network level session hijacking
- Session hijacking tools
- Countermeasures
- Penetration testing
Module 12: Evading IDS, Firewalls, and Honeypots
- IDS, firewall and honeypot concepts
- IDS, firewall and honeypot solutions
- Evading IDS
- Evading firewalls
- IDS/firewall evading tools
- Detecting honeypots
- IDS/Firewall evasion countermeasures
- Penetration testing
Module 13: Hacking Webservers
- Web server operations
- Web server attacks
- Web server attack methodology
- Web server attack tools
- Countermeasures
- Patch management
- Web server security tools
- Web server pen testing
Module 14: Hacking Web Applications
- Web app concepts
- Web app threats
- Hacking methodology
- Web app hacking tools
- Countermeasures
- Web app security testing tools
- Web app pen testing
Module 15: SQL Injection
- SQL injection concepts
- Types of SQL injection
- SQL injection methodology
- SQL injection tools
- Evasion techniques
- Countermeasures
Module 16: Hacking Wireless Networks
- Wireless concepts
- Wireless encryption
- Wireless threats
- Wireless hacking methodology
- Wireless hacking tools
- Bluetooth hacking
- Countermeasures
- Wireless security tools
- Wireless pen testing
Module 17: Hacking Mobile Platforms
- Mobile platform attack vectors
- Hacking Android OS
- Hakcing iOS
- Mobile spyware
- Mobile device management
- Mobile security guidelines and tools
- Mobile pen testing
Module 18: IoT Hacking
- IoT concepts
- IoT attacks
- IoT hacking methodology
- IoT hacking tools
- Countermeasures
- IoT pen testing
Module 19: Cloud Computing
- Cloud computing concepts
- Cloud computing threats
- Cloud computing attacks
- Cloud security
- Cloud security tools
- Cloud penetration testing
Module 20: Cryptography
- Cryptography concepts
- Encryption algorithms
- Cryptography tools
- Public key infrastructure (PKI)
- Email encryption
- Disk encryption
- Cryptanalysis Countermeasures
Pearson VUE Exam Voucher Fee for CEH. Self-study students must apply for eligibility before purchasing exam voucher.
Note:
Self-study students must apply for eligibility before purchasing exam voucher. Please check the eligibility criteria listed at https://cert.eccouncil.org/application-process-eligibility.html
Should you require the exam voucher validity to be extended, kindly contact finance@eccouncil.org before the voucher expires. Only valid vouchers can be extended.
Please visit the voucher extension policy prior to purchase https://cert.eccouncil.org/exam-voucher-extension-policy.html
Our working days are Mondays to Fridays, excluding weekends and public holidays. All orders received within these days shall be processed within 48 hours. Orders received on weekends will be processed the next working day.