Certified Professional Ethical Hacker (Self-Paced or Instructor-Led Live) - C)PEH Course Outline

(5 Days)

Overview

* This class is also available as a self-study package with 12 months of class access and an exam

 

The Certified Professional Ethical Hacker vendor neutral certification course is the foundational training to mile2’s line of penetration testing courses.

 

The CPEH certification training enables students to understand the importance of vulnerability assessments by providing industry knowledge and skills in Vulnerability Assessments. In doing so, the CPEH student is able to understand how malware and destructive viruses function. In addition, the CPEH course helps students learn how to implement counter response and preventative measures when it comes to a network hack.

 

The CPEH course provides in-depth labs that focus on both open source and commercial based tools with industry best practices. These hands on labs emulate real world hacking scenarios and equip the candidate to assess your company’s security posture, help implement controls to better secure your company’s network infrastructure and how to combat against hackers and/or viruses, etc.

Audience Profile

 

    • Information System Owners

 

    • Security Officers

 

    • Ethical Hackers

 

    • Information Owners

 

    • Penetration Testers

 

    • System Owner and Managers

 

    • Cyber Security Engineers

 

Prerequisites

 

    • 12 months of IT security experience

 

    • 12 months of Networking Experience

 

 

Course Outline

Module 1 – Security Fundamentals

 

Module 2 – Access Controls

 

Module 3 – Protocols

 

Module 4 -Cryptography

 

Module 5 – Why Vulnerability Assessments?

 

Module 6 – Vulnerability Tools of the Trade

 

Module 7 – Output Analysis and Reports

 

Module 8 – Reconnaissance, Enumeration & Scanning

 

Module 9 – Gaining Access

 

Module 10 – Maintaining Access

 

Module 11 – Covering Tracks

 

Module 12 – Malware

 

Module 13 – Buffer Overflows

 

Appendix 1 – Economics and Law

 

Appendix 2 – Vulnerability Types

 

Appendix 3 – Assessing Web Servers

 

Appendix 4 – Assessing Remote & VPN Services

 

Appendix 5 – Denial of Services

 

Module 1 – Security Fundamentals

 

Overview

 

The Growth of Environments and Security

 

Our Motivation…

 

The Goal: Protecting Information!

 

CIA Triad in Detail

 

Approach Security Holistically

 

Security Definitions

 

Definitions Relationships

 

Method: Ping

 

The TCP/IP Stack

 

Which Services Use Which Ports?

 

TCP 3-Way Handshake

 

TCP Flags

 

Malware

 

Types of Malware

 

Types of Malware Cont…

 

Types of Viruses

 

More Malware: Spyware

 

Trojan Horses

 

Back Doors

 

DoS

 

DDoS

 

Packet Sniffers

 

Passive Sniffing

 

Active Sniffing

 

Firewalls, IDS and IPS

 

Firewall – First
Line of Defense

 

IDS – Second Line of Defense

 

IPS – Last Line of Defense?

 

Firewalls

 

Firewall Types:
(1) Packet Filtering

 

Firewall Types:
(2) Proxy Firewalls

 

Firewall Types –
Circuit-Level Proxy Firewall

 

Type of Circuit-
Level Proxy – SOCKS

 

Firewall Types –
Application-Layer Proxy

 

Firewall Types: (3) Stateful

 

Firewall Types:
(4) Dynamic Packet-Filtering

 

Firewall Types:
(5) Kernel Proxies

 

Firewall Placement

 

Firewall Architecture
Types – Screened Host

 

Multi- or Dual-Homed

 

Screened Subnet

 

Wi-Fi Network Types

 

Wi-Fi Network Types

 

Widely Deployed Standards

 

Standards Comparison

 

802.11n – MIMO

 

Overview of Database Server

 

Review

 

Module 2 – Access Controls

 

Overview

 

Role of Access Control

 

Definitions

 

More Definitions

 

Categories of Access Controls

 

Physical Controls

 

Logical Controls

 

“Soft” Controls

 

Security Roles

 

Steps to Granting Access

 

Access Criteria

 

Physical Access
Control Mechanisms

 

Biometric System Types

 

Synchronous Token

 

Asynchronous Token Device

 

Memory Cards

 

Smart Card

 

Cryptographic Keys

 

Logical Access Controls

 

OS Access Controls

 

Linux Access Controls

 

Accounts and Groups

 

Password &
Shadow File Formats

 

Accounts and Groups

 

Linux and UNIX Permissions

 

Set UID Programs

 

Trust Relationships

 

Review

 

Module 3 – Protocols

 

Protocols Overview

 

OSI – Application Layer

 

OSI – Presentation Layer

 

OSI – Session Layer

 

Transport Layer

 

OSI – Network Layer

 

OSI – Data Link

 

OSI – Physical Layer

 

Protocols at Each OSI Model Layer

 

TCP/IP Suite

 

Port and Protocol Relationship

 

Conceptual Use of Ports

 

UDP versus TCP

 

Protocols – ARP

 

Protocols – ICMP

 

Network Service – DNS

 

SSH Security Protocol

 

SSH

 

Protocols – SNMP

 

Protocols – SMTP

 

Packet Sniffers

 

Example Packet Sniffers

 

Review

 

Module 4 -Cryptography

 

Overview

 

Introduction

 

Encryption

 

Cryptographic Definitions

 

Encryption Algorithm

 

Implementation

 

Symmetric Encryption

 

Symmetric Downfalls

 

Symmetric Algorithms

 

Crack Times

 

Asymmetric Encryption

 

Public Key
Cryptography Advantages

 

Asymmetric
Algorithm Disadvantages

 

Asymmetric
Algorithm Examples

 

Key Exchange

 

Symmetric versus Asymmetric

 

Using the
Algorithm Types Together

 

Instructor Demonstration

 

Hashing

 

Common Hash Algorithms

 

Birthday Attack

 

Example of a Birthday Attack

 

Generic Hash Demo

 

Instructor Demonstration

 

Security Issues in Hashing

 

Hash Collisions

 

MD5 Collision Creates
Rogue Certificate Authority

 

Hybrid Encryption

 

Digital Signatures

 

SSL/TLS

 

SSL Connection Setup

 

SSL Hybrid Encryption

 

SSH

 

IPSec – Network Layer Protection

 

IPSec

 

IPSec

 

Public Key Infrastructure

 

Quantum Cryptography

 

Attack Vectors

 

Network Attacks

 

More Attacks (Cryptanalysis)

 

Review

 

Module 5 – Why Vulnerability Assessments

 

Overview

 

What is a
Vulnerability Assessment?

 

Vulnerability Assessment

 

Benefits of a Vulnerability Assessment

 

What are Vulnerabilities?

 

Security Vulnerability Life Cycle

 

Compliance and Project Scoping

 

The Project
Overview Statement

 

Project Overview Statement

 

Assessing Current
Network Concerns

 

Vulnerabilities in Networks

 

More Concerns

 

Network Vulnerability
Assessment Methodology

 

Network Vulnerability
Assessment Methodology

 

Phase I: Data Collection

 

Phase II: Interviews, Information Reviews, and Hands-On Investigation

 

Phase III: Analysis

 

Analysis cont.

 

Risk Management

 

Why Is Risk
Management Difficult?

 

Risk Analysis Objectives

 

Putting Together the Team and Components

 

What Is the Value of an Asset?

 

Examples of Some Vulnerabilities that Are Not Always Obvious

 

Categorizing Risks

 

Some Examples of Types of Losses

 

Different Approaches to Analysis

 

Who Uses What?

 

Qualitative Analysis Steps

 

Quantitative Analysis

 

ALE Values Uses

 

ALE Example

 

ARO Values and Their Meaning

 

ALE Calculation

 

Can a Purely Quantitative Analysis Be Accomplished?

 

Comparing Cost and Benefit

 

Countermeasure Criteria

 

Calculating Cost/Benefit

 

Cost of a Countermeasure

 

Can You Get Rid of All Risk?

 

Management’s Response to Identified Risks

 

Liability of Actions

 

Policy Re