Certified Professional Ethical Hacker (Self-Paced or Instructor-Led Live) - C)PEH Course Outline

(5 Days)


* This class is also available as a self-study package with 12 months of class access and an exam


The Certified Professional Ethical Hacker vendor neutral certification course is the foundational training to mile2’s line of penetration testing courses.


The CPEH certification training enables students to understand the importance of vulnerability assessments by providing industry knowledge and skills in Vulnerability Assessments. In doing so, the CPEH student is able to understand how malware and destructive viruses function. In addition, the CPEH course helps students learn how to implement counter response and preventative measures when it comes to a network hack.


The CPEH course provides in-depth labs that focus on both open source and commercial based tools with industry best practices. These hands on labs emulate real world hacking scenarios and equip the candidate to assess your company’s security posture, help implement controls to better secure your company’s network infrastructure and how to combat against hackers and/or viruses, etc.

Audience Profile


    • Information System Owners


    • Security Officers


    • Ethical Hackers


    • Information Owners


    • Penetration Testers


    • System Owner and Managers


    • Cyber Security Engineers




    • 12 months of IT security experience


    • 12 months of Networking Experience



Course Outline

Module 1 – Security Fundamentals


Module 2 – Access Controls


Module 3 – Protocols


Module 4 -Cryptography


Module 5 – Why Vulnerability Assessments?


Module 6 – Vulnerability Tools of the Trade


Module 7 – Output Analysis and Reports


Module 8 – Reconnaissance, Enumeration & Scanning


Module 9 – Gaining Access


Module 10 – Maintaining Access


Module 11 – Covering Tracks


Module 12 – Malware


Module 13 – Buffer Overflows


Appendix 1 – Economics and Law


Appendix 2 – Vulnerability Types


Appendix 3 – Assessing Web Servers


Appendix 4 – Assessing Remote & VPN Services


Appendix 5 – Denial of Services


Module 1 – Security Fundamentals




The Growth of Environments and Security


Our Motivation…


The Goal: Protecting Information!


CIA Triad in Detail


Approach Security Holistically


Security Definitions


Definitions Relationships


Method: Ping


The TCP/IP Stack


Which Services Use Which Ports?


TCP 3-Way Handshake


TCP Flags




Types of Malware


Types of Malware Cont…


Types of Viruses


More Malware: Spyware


Trojan Horses


Back Doors






Packet Sniffers


Passive Sniffing


Active Sniffing


Firewalls, IDS and IPS


Firewall – First
Line of Defense


IDS – Second Line of Defense


IPS – Last Line of Defense?




Firewall Types:
(1) Packet Filtering


Firewall Types:
(2) Proxy Firewalls


Firewall Types –
Circuit-Level Proxy Firewall


Type of Circuit-
Level Proxy – SOCKS


Firewall Types –
Application-Layer Proxy


Firewall Types: (3) Stateful


Firewall Types:
(4) Dynamic Packet-Filtering


Firewall Types:
(5) Kernel Proxies


Firewall Placement


Firewall Architecture
Types – Screened Host


Multi- or Dual-Homed


Screened Subnet


Wi-Fi Network Types


Wi-Fi Network Types


Widely Deployed Standards


Standards Comparison


802.11n – MIMO


Overview of Database Server




Module 2 – Access Controls




Role of Access Control




More Definitions


Categories of Access Controls


Physical Controls


Logical Controls


“Soft” Controls


Security Roles


Steps to Granting Access


Access Criteria


Physical Access
Control Mechanisms


Biometric System Types


Synchronous Token


Asynchronous Token Device


Memory Cards


Smart Card


Cryptographic Keys


Logical Access Controls


OS Access Controls


Linux Access Controls


Accounts and Groups


Password &
Shadow File Formats


Accounts and Groups


Linux and UNIX Permissions


Set UID Programs


Trust Relationships




Module 3 – Protocols


Protocols Overview


OSI – Application Layer


OSI – Presentation Layer


OSI – Session Layer


Transport Layer


OSI – Network Layer


OSI – Data Link


OSI – Physical Layer


Protocols at Each OSI Model Layer


TCP/IP Suite


Port and Protocol Relationship


Conceptual Use of Ports


UDP versus TCP


Protocols – ARP


Protocols – ICMP


Network Service – DNS


SSH Security Protocol




Protocols – SNMP


Protocols – SMTP


Packet Sniffers


Example Packet Sniffers




Module 4 -Cryptography








Cryptographic Definitions


Encryption Algorithm




Symmetric Encryption


Symmetric Downfalls


Symmetric Algorithms


Crack Times


Asymmetric Encryption


Public Key
Cryptography Advantages


Algorithm Disadvantages


Algorithm Examples


Key Exchange


Symmetric versus Asymmetric


Using the
Algorithm Types Together


Instructor Demonstration




Common Hash Algorithms


Birthday Attack


Example of a Birthday Attack


Generic Hash Demo


Instructor Demonstration


Security Issues in Hashing


Hash Collisions


MD5 Collision Creates
Rogue Certificate Authority


Hybrid Encryption


Digital Signatures




SSL Connection Setup


SSL Hybrid Encryption




IPSec – Network Layer Protection






Public Key Infrastructure


Quantum Cryptography


Attack Vectors


Network Attacks


More Attacks (Cryptanalysis)




Module 5 – Why Vulnerability Assessments




What is a
Vulnerability Assessment?


Vulnerability Assessment


Benefits of a Vulnerability Assessment


What are Vulnerabilities?


Security Vulnerability Life Cycle


Compliance and Project Scoping


The Project
Overview Statement


Project Overview Statement


Assessing Current
Network Concerns


Vulnerabilities in Networks


More Concerns


Network Vulnerability
Assessment Methodology


Network Vulnerability
Assessment Methodology


Phase I: Data Collection


Phase II: Interviews, Information Reviews, and Hands-On Investigation


Phase III: Analysis


Analysis cont.


Risk Management


Why Is Risk
Management Difficult?


Risk Analysis Objectives


Putting Together the Team and Components


What Is the Value of an Asset?


Examples of Some Vulnerabilities that Are Not Always Obvious


Categorizing Risks


Some Examples of Types of Losses


Different Approaches to Analysis


Who Uses What?


Qualitative Analysis Steps


Quantitative Analysis


ALE Values Uses


ALE Example


ARO Values and Their Meaning


ALE Calculation


Can a Purely Quantitative Analysis Be Accomplished?


Comparing Cost and Benefit


Countermeasure Criteria


Calculating Cost/Benefit


Cost of a Countermeasure


Can You Get Rid of All Risk?


Management’s Response to Identified Risks


Liability of Actions


Policy Re