精于技术, 专于培训

道德黑客CEH培训,考试与认证

Certificated Ethical Hacker)被业界称之为道德骇客(正派黑客)认证,是专注于渗透测试的认。它是一个中立的技术认证,延自美国联邦调查局(FBI)训练人才课程。 黑客攻防是信息安全领域中,最引人注意的部分,CEH就是学习如何面对並防范骇客的攻击行为,不但要了解病毒、木马或蠕蟲入侵行為,更要培养黑客的攻防技巧。要参加CEH训练课程和考试,都须先签保密协定(NDA),主要是避免参加CEH训练课程的学员,非法使用所学的入侵手法。

  • 考试费用: 950美金
  • 考试类型: 机考

图片关键词

ECOUNCIL是CEH (道德骇客)的创始者和所有者,拥有著名的网络安全证书如正派黑客 <骇客杀手>国际认证(CEHI)计算机犯罪取证国际认证等课程,全方面满足不同阶层的网络安全需求。EC-COUNCIL 的足迹遍布全球 90多个国家,拥有超过480个全球合作伙伴,EC-COUNCIL 授予60, 000位世界500强的企业安全证书。

已取得EC-COUNCIL的安全证书的机构包括美国陆军,联邦调查局(FBI),微软,IBM等。EC-COUNCIL的多项证书得到美国政府机构的大力支持,美国联邦政府通过美国《退伍军人权利法》,国家安全局,国家安全通信与信息系统安全检查委员会,根据美国国防部DOD 8570准则规定,所有军方、联邦政府、外事单位、约聘雇全职和兼职公务人员,都必须依照工作内容通过资安认证计划书(CEH)。

认证道德黑客了解如何在目标系统中寻找弱点和漏洞,并使用与恶意黑客相同的知识和工具,但以合法的方式评估目标系统的安全状态。

CEH   证书的目的是:
建立和管理信息安全专家对道德黑客的最低标准。
向公众通报认证人员达到或超过最低标准。
加强道德黑客的行业自律。
认证目标人群:
道德黑客认证将加强安全人员,审核员,安全专业人员,网站管理员以及关心网络基础设施完整性的任何人的应用知识。
CEH认证被国际上认为是顶级热门安全证书。 


主要内容:

 

Module 1: Introduction to Ethical Hacking 

  • Information security overview

  • Skillsof an ethical hacker

  • HAckingconcepts and phases 

  • Typesof attacks

  • Informationsecurity threats, attack vectors, and controls 

  • InformationAssurance (IA)

  • InformationSecurity LAws and Standards

  • SecurityPolicies: types, HR/legal implicantions 

  • Physicalsecurity 

  • Threatmodeling 

  • EnterpriseInformation Security Architecture (EISA) 

  • network Security Zoning 

Module 2: Footprinting and Reconnaissance 

  • Footprinting concepts, threats, attack vectors, andcontrols 

  • Footprintingthrough Search Engines

  • Footprintingthrough Social Networking sites 

  • Websitefootprinting 

  • CompetitiveIntelligence 

  • WHOISFootprinting 

  • Footprinting tools 

Module 3: Scanning Networks

  • Scanning methodology, techniques and counter-measures

  • Techniquesfor IDS evasion, scanning, HTTP tunneling, and IP spoofing 

  • Drawingnetwork diagrams - latest network discovery and mapping tools, networkdiscovery tools for mobile

  • Proxy chaining - latest proxy tools, proxy tools formobile

Module 4: Enumeration 

  • Protocols: NetBios, SNMP, LDAP, NTP, SMTP, DNS

  • Countermeasures 

  • Techniques 

Module 5: System Hacking

  • Cracking passwords, escalating privileges, executingapplications, hiding files and covering tracks

  • Steganography - application and classification, tools,methods/attacks on steganography, steganography detection tools

Module 6: Malware Threats

  • Introduction to malware

  • Trojans--attacks,how to infect a system, crypters, how to deploy, latest types, analysis,countermeasures

  • Viruses--stages,types, latest virus maker, analysis, countermeasures

  • Worms--types,makers, analysis, countermeasures

  • Malwareanalysis

  • Antivirustools

  • Penetration testing

Module 7: Sniffing

  • Attacks: MAC, DHCP, and spoofing

  • Poisoning:ARP and DNS

  • Tools

  • Concepts,techniques, impersonation, identity theft, and countermeasures

  • Phasesof an attack

  • Commontargets of an attack

  • Impersonationscenario

  • Computer based, mobile based, social networking based

Module 8: Social Engineering

  • Concepts, techniques, impersonation, identity theft,and countermeasures

  • Phasesof an attack

  • Commontargets of an attack

  • Impersonationscenario

  • Computer based, mobile based, social networking based

Module 9: Denial of Service

  • Concepts, case study, tools, attack techniques, andcountermeasures

  • Botnet

  • Scanningmethods for vulnerable machines

  • Detection Techniques and tools

Module 10: Session Hijacking

  • Concepts, case study, tools, attack techniques, andcountermeasures

  • Fivestages of a web malware attack

  • Applicationlevel session hijacking

  • Networklevel session hijacking

  • TCP/IP Hijacking

Module 11: Hacking Webservers

  • Webserver market shares

  • Webservers

  • Webserver security issues

  • Webserverattacks, attack methodology, attack tools, and countermeasures

  • Patchmanagement

  • Webserversecurity tools

  • Webserver pen testing

Module 12: Hacking Web Applications

  • Web application threats

  • Concepts,hacking methodology, tools, and countermeasures

  • Analyzeweb applications

  • Web application pen testing

Module 13: SQL Injection

  • Concepts methodologies, types of SQL injection

  • Evasiontechniques and tools

  • Information gathering

Module 14: Hacking Wireless Networks

  • Concepts, encryption, threats, Bluetooth hackingmethodology, and countermeasures

  • Wireless security tools and hacking tools

Module 15: Hacking Mobile Platforms

  • Android OS, IOS,Windows Phone OS, Blackberry

  • Mobiledevice management, security guidelines and tools

  • OWASPMobile Top 10 Risks

  • LatestSniffers

  • LatestJailbreaking tools

  • Mobilespyware

  • BringYour Own Device (BYOD)

  • Mobile Anti-spyware

Module 16: Evading IDS, Firewalls, and Honeypots

  • Concepts and countermeasures

  • Honeypots,firewalls, IDS for mobile

  • EvadingIDS, firewalls

  • Detecting honeypots

Module 17: Cloud Computing

  • Concepts, methodologies, examples, detection, andcountermeasures

  • Separationof responsibilities

  • Virtualization

  • Threatsand attacks

  • Cloudsecurity control layers

  • Tools

  • Cloud penetration testing

Module 18: Cryptography

  • Concepts, encryption algorithms, email encryption, diskencryption, and attacks

  • Publickey infrastructure (PKI)

  • Cryptanalysisand cryptography tools

  • Hash calculators for Mobile

课程内容:

精品课程

课程内容

培训费用

优惠政策

CEH培训(视频班)

1. 价值1400$的视频课程

2. 16小时一对一考试指导

3. 官方实验室两个月的访问权限(单价400美金)

4.几百种工具免费送

4900元

1年内免费重听

图片关键词

 更多信息欢迎扫码咨询

1548675400447742.jpg