Certified Ethical Hacker (CEH) Training

Course Description

ALPI offers a hands-on approach to the most recognizable and desired information security training program in the industry.

Why choose ALPI for CEH training?

We use certified live instructors in both our in-person and virtual classes so you can ask questions and get answers right away.
We focus on real-world examples.
We teach using interactive, hands-on exercises.
We use EC Council accredited course materials.
Your will receive a Certificate of Achievement for attending the class.
Registration includes 6 months access to iLabs—dynamic access to a host of Virtual Machines preconfigured with vulnerabilities, exploits, tools, and scripts—with over 140 different exercises!

ALPI's accredited CEH course gives you the advanced hacking tools and techniques used by hackers and information security professionals alike to break into an organization.

Why CEH? A Certified Ethical Hacker is a skilled professional who understands and knows how to look for weaknesses and vulnerabilities in target systems and uses the same knowledge and tools as a malicious hacker, but in a lawful and legitimate manner to assess the security posture of a target system(s). The CEH credential certifies individuals in the specific network security discipline of Ethical Hacking from a vendor-neutral perspective.

By the end of this course, an attendee should be able to:

Successfully prepare for the Certified Ethical Hacker (CEH) Certification Exam.
Apply countermeasures to secure your system against threats.
Test system security and data access using real-world hacking techniques.
Employ complex tools to identify and analyze your company's risks and weaknesses.
Find vulnerabilities in a network infrastructure.

This course includes the certification exam in order to attain the CEH Certification. See prerequisites, below.

Duration

5 day(s)

Time

9 - 5 ET

Price

$3,664

Labs

When you take this course from ALPI, you receive 6 months of access to iLabs for over 140 different exercises. Each exercise contains a Scenario, Objectives, and individual step by step tasks to guide the user through all steps necessary to complete the exercise.

Lab exercises are included for:

Footprinting and Reconnaissance
Scanning Networks
Enumeration
System Hacking
Trojans and Backdoors
Viruses and Worms
Sniffers
Social Engineering
Denial of Service
Session Hijacking
Hacking Webservers
Hacking Web Applications
SQL Injection
Hacking Wireless Networks
Evading IDS, Firewalls and Honeypots
Buffer Overflow
Cryptography

Intended Audience

The target audience for this course includes:

Security officers
Auditors
Security professionals
Testing professionals
QA professionals
Site administrators
Anyone who is concerned about the integrity of the network infrastructure

Prerequisites

Information Security experience is suggested but contact us if you have questions.

Outline

Ethical Hacking Fundamentals

Considering the effects of hacking
- Reviewing the elements of information security
- The security, functionality and usability triangle
Outlining the methods of hackers
- Reconnaissance
- Scanning
- Gaining access
- Maintaining access
- Covering tracks
- Identifying attack types: operating system, application level, shrink–wrap code and misconfiguration
Functions of an ethical hacker
- Conducting vulnerability research
- Identifying elements of information warfare

Applying Covert Techniques to Scan and Attack a Network

Footprinting and reconnaissance
- Objectives and methods of footprinting
- Searching for information with Google Hacking
- Employing footprinting countermeasures
Scanning networks
- Adopting multiple scanning techniques
- Identifying IDS–evasion and IP–fragmentation tools
- Leveraging vulnerability scanning tools
- Applying IP spoofing detection
Examining enumeration techniques
- Enumerating user accounts using default passwords
- Simple Network Management Protocol (SNMP) enumeration

Analyzing System Risks and Weaknesses to Apply Countermeasures

System hacking
- CEH Hacking Methodology (CHM)
- Cracking passwords and escalating privileges
- Defending against password cracking and keyloggers
- Hiding information with steganography
Uncovering Trojans and backdoors
- Injecting a Trojan into a host
- Analyzing Trojan activity
Dissecting viruses, worms and sniffers
- Distributing malware on the web
- Recognizing key indicators of a virus attack
- Analyzing worms and malware
Social engineering and Denial–of–Service (DoS)
- Targets, intrusion tactics and strategies for prevention
- Mitigating the risks of social networking to networks
- Recognizing symptoms and techniques of a DoS attack
- Implementing tools to defend against DoS attacks

Assessing and Preventing Gaps in a Network Infrastructure

Hacking web applications and wireless networks
- Cross–Site Scripting (XSS) and web application DoS attacks
- Defending against SQL injection
- Implementing a man–in–the–middle attack
Hijacking sessions and web servers
- Spoofing a site to steal credentials
- Preventing hijacking by implementing countermeasures
- Leveraging Metasploit in an attack
Evading IDS, firewalls and honeypots
- Assessing various types of Intrusion Detection Systems (IDS) and tools
- Bypassing firewalls and accessing blocked sites
Buffer overflow and cryptography
- Exploiting input validation failures
- Defending against memory corruption attacks

Performing Penetration Testing

Performing security and vulnerability assessments
Determining testing points and locations
Announced vs. unannounced testing