Overview
* This class is also available as a self-study package with 12 months of class access and an exam
The Certified Professional Ethical Hacker vendor neutral certification course is the foundational training to mile2’s line of penetration testing courses.
The CPEH certification training enables students to understand the importance of vulnerability assessments by providing industry knowledge and skills in Vulnerability Assessments. In doing so, the CPEH student is able to understand how malware and destructive viruses function. In addition, the CPEH course helps students learn how to implement counter response and preventative measures when it comes to a network hack.
The CPEH course provides in-depth labs that focus on both open source and commercial based tools with industry best practices. These hands on labs emulate real world hacking scenarios and equip the candidate to assess your company’s security posture, help implement controls to better secure your company’s network infrastructure and how to combat against hackers and/or viruses, etc.
Audience Profile
-
- Information System Owners
-
- Security Officers
-
- Ethical Hackers
-
- Information Owners
-
- Penetration Testers
-
- System Owner and Managers
-
- Cyber Security Engineers
Prerequisites
-
- 12 months of IT security experience
-
- 12 months of Networking Experience
Course Outline
Module 1 – Security Fundamentals
Module 2 – Access Controls
Module 3 – Protocols
Module 4 -Cryptography
Module 5 – Why Vulnerability Assessments?
Module 6 – Vulnerability Tools of the Trade
Module 7 – Output Analysis and Reports
Module 8 – Reconnaissance, Enumeration & Scanning
Module 9 – Gaining Access
Module 10 – Maintaining Access
Module 11 – Covering Tracks
Module 12 – Malware
Module 13 – Buffer Overflows
Appendix 1 – Economics and Law
Appendix 2 – Vulnerability Types
Appendix 3 – Assessing Web Servers
Appendix 4 – Assessing Remote & VPN Services
Appendix 5 – Denial of Services
Module 1 – Security Fundamentals
Overview
The Growth of Environments and Security
Our Motivation…
The Goal: Protecting Information!
CIA Triad in Detail
Approach Security Holistically
Security Definitions
Definitions Relationships
Method: Ping
The TCP/IP Stack
Which Services Use Which Ports?
TCP 3-Way Handshake
TCP Flags
Malware
Types of Malware
Types of Malware Cont…
Types of Viruses
More Malware: Spyware
Trojan Horses
Back Doors
DoS
DDoS
Packet Sniffers
Passive Sniffing
Active Sniffing
Firewalls, IDS and IPS
Firewall – First
Line of Defense
IDS – Second Line of Defense
IPS – Last Line of Defense?
Firewalls
Firewall Types:
(1) Packet Filtering
Firewall Types:
(2) Proxy Firewalls
Firewall Types –
Circuit-Level Proxy Firewall
Type of Circuit-
Level Proxy – SOCKS
Firewall Types –
Application-Layer Proxy
Firewall Types: (3) Stateful
Firewall Types:
(4) Dynamic Packet-Filtering
Firewall Types:
(5) Kernel Proxies
Firewall Placement
Firewall Architecture
Types – Screened Host
Multi- or Dual-Homed
Screened Subnet
Wi-Fi Network Types
Wi-Fi Network Types
Widely Deployed Standards
Standards Comparison
802.11n – MIMO
Overview of Database Server
Review
Module 2 – Access Controls
Overview
Role of Access Control
Definitions
More Definitions
Categories of Access Controls
Physical Controls
Logical Controls
“Soft” Controls
Security Roles
Steps to Granting Access
Access Criteria
Physical Access
Control Mechanisms
Biometric System Types
Synchronous Token
Asynchronous Token Device
Memory Cards
Smart Card
Cryptographic Keys
Logical Access Controls
OS Access Controls
Linux Access Controls
Accounts and Groups
Password &
Shadow File Formats
Accounts and Groups
Linux and UNIX Permissions
Set UID Programs
Trust Relationships
Review
Module 3 – Protocols
Protocols Overview
OSI – Application Layer
OSI – Presentation Layer
OSI – Session Layer
Transport Layer
OSI – Network Layer
OSI – Data Link
OSI – Physical Layer
Protocols at Each OSI Model Layer
TCP/IP Suite
Port and Protocol Relationship
Conceptual Use of Ports
UDP versus TCP
Protocols – ARP
Protocols – ICMP
Network Service – DNS
SSH Security Protocol
SSH
Protocols – SNMP
Protocols – SMTP
Packet Sniffers
Example Packet Sniffers
Review
Module 4 -Cryptography
Overview
Introduction
Encryption
Cryptographic Definitions
Encryption Algorithm
Implementation
Symmetric Encryption
Symmetric Downfalls
Symmetric Algorithms
Crack Times
Asymmetric Encryption
Public Key
Cryptography Advantages
Asymmetric
Algorithm Disadvantages
Asymmetric
Algorithm Examples
Key Exchange
Symmetric versus Asymmetric
Using the
Algorithm Types Together
Instructor Demonstration
Hashing
Common Hash Algorithms
Birthday Attack
Example of a Birthday Attack
Generic Hash Demo
Instructor Demonstration
Security Issues in Hashing
Hash Collisions
MD5 Collision Creates
Rogue Certificate Authority
Hybrid Encryption
Digital Signatures
SSL/TLS
SSL Connection Setup
SSL Hybrid Encryption
SSH
IPSec – Network Layer Protection
IPSec
IPSec
Public Key Infrastructure
Quantum Cryptography
Attack Vectors
Network Attacks
More Attacks (Cryptanalysis)
Review
Module 5 – Why Vulnerability Assessments
Overview
What is a
Vulnerability Assessment?
Vulnerability Assessment
Benefits of a Vulnerability Assessment
What are Vulnerabilities?
Security Vulnerability Life Cycle
Compliance and Project Scoping
The Project
Overview Statement
Project Overview Statement
Assessing Current
Network Concerns
Vulnerabilities in Networks
More Concerns
Network Vulnerability
Assessment Methodology
Network Vulnerability
Assessment Methodology
Phase I: Data Collection
Phase II: Interviews, Information Reviews, and Hands-On Investigation
Phase III: Analysis
Analysis cont.
Risk Management
Why Is Risk
Management Difficult?
Risk Analysis Objectives
Putting Together the Team and Components
What Is the Value of an Asset?
Examples of Some Vulnerabilities that Are Not Always Obvious
Categorizing Risks
Some Examples of Types of Losses
Different Approaches to Analysis
Who Uses What?
Qualitative Analysis Steps
Quantitative Analysis
ALE Values Uses
ALE Example
ARO Values and Their Meaning
ALE Calculation
Can a Purely Quantitative Analysis Be Accomplished?
Comparing Cost and Benefit
Countermeasure Criteria
Calculating Cost/Benefit
Cost of a Countermeasure
Can You Get Rid of All Risk?
Management’s Response to Identified Risks
Liability of Actions
Policy Re