EC-Council Certified Ethical Hacker (CEH) v12

  • Live Online Classroom
  • 4.8
    572 Ratings
  • 1000+ Learners

Class Outline — 5 Days

This five-day instructor-led course provides an in-depth understanding of ethical hacking phases, various attack vectors, and preventative countermeasures. It will teach you how hackers think and act maliciously so you will be better positioned to setup your security infrastructure and defend against future attacks. An understanding of system weaknesses and vulnerabilities helps organizations strengthen their system security controls to minimize the risk of an incident. CEH was built to incorporate a hands-on environment and systematic process across each ethical hacking domain and methodology, giving you the opportunity to work towards proving the required knowledge and skills needed to achieve the CEH credential. You will be exposed to an entirely different posture toward the responsibilities and measures required to be secure. Now in its 12th version, CEH continues to evolve with the latest operating systems, tools, tactics, exploits, and technologies.

Who should take this course?

The Certified Ethical Hacking v12 course will significantly benefit security officers, auditors, security professionals, site administrators, and anyone who is concerned about the integrity of the network infrastructure.

Prerequisites

None

The Training Covers These Topics:

  • Information security controls, laws, and standards.
  • Various types of footprinting, footprinting tools, and countermeasures.
  • Network scanning techniques and scanning countermeasures
  • Enumeration techniques and enumeration countermeasures
  • Vulnerability analysis to identify security loopholes in the target organization’s network, communication infrastructure, and end systems.
  • System hacking methodology, steganography, steganalysis attacks, and covering tracks to discover system and network vulnerabilities.
  • Different types of malware (Trojan, Virus, worms, etc.), system auditing for malware attacks, malware analysis, and countermeasures.
  • Packet sniffing techniques to discover network vulnerabilities and countermeasures to defend against sniffing.
  • Social engineering techniques and how to identify theft attacks to audit human-level vulnerabilities and social engineering countermeasures.
  • DoS/DDoS attack techniques and tools to audit a target and DoS/DDoS countermeasures.
  • Session hijacking techniques to discover network-level session management, authentication/authorization, and cryptographic weaknesses and countermeasures.
  • Webserver attacks and a comprehensive attack methodology to audit vulnerabilities in webserver infrastructure, and countermeasures.
  • Web application attacks, comprehensive web application hacking methodology to audit vulnerabilities in web applications, and countermeasures.
  • SQL injection attack techniques, injection detection tools to detect SQL injection attempts, and countermeasures.
  • Wireless encryption, wireless hacking methodology, wireless hacking tools, and Wi-Fi security tools.
  • Mobile platform attack vector, android vulnerability exploitations, and mobile security guidelines and tools.
  • Firewall, IDS and honeypot evasion techniques, evasion tools and techniques to audit a network perimeter for weaknesses, and countermeasures.
  • Cloud computing concepts (Container technology, serverless computing), the working of various threats and attacks, and security techniques and tools.
  • Penetration testing, security audit, vulnerability assessment, and penetration testing roadmap.
  • Threats to IoT and OT platforms and defending IoT and OT devices.
  • Cryptography ciphers, Public Key Infrastructure (PKI), cryptography attacks, and cryptanalysis tools.

1 – Introduction to Ethical Hacking

  • Information Security Overview
  • Cyber Kill Chain Concepts
  • Hacking Concepts
  • Ethical Hacking Concepts
  • Information Security Controls
  • Information Security Laws and Standards

2 – Foot-printing and Reconnaissance

  • Footprinting Concepts
  • Footprinting through Search Engines
  • Footprinting through Web Services
  • Footprinting through Social Networking Sites
  • Website Footprinting
  • Email Footprinting
  • Who is Footprinting
  • DNS Footprinting
  • Network Footprinting
  • Footprinting through Social Engineering
  • Footprinting Tools
  • Footprinting Countermeasures

3 – Scanning Networks

  • Network Scanning Concepts
  • Scanning Tools
  • Host Discovery
  • Port and Service Discovery
  • OS Discovery (Banner Grabbing/OS Fingerprinting)
  • Scanning Beyond IDS and Firewall
  • Draw Network Diagrams

4 – Enumeration

  • Enumeration Concepts
  • NetBIOS Enumeration
  • SNMP Enumeration
  • LDAP Enumeration
  • NTP and NFS Enumeration
  • SMTP and DNS Enumeration
  • Other Enumeration Techniques
  • Enumeration Countermeasures

5 – Vulnerability Analysis

  • Vulnerability Assessment Concepts
  • Vulnerability Classification and Assessment Types
  • Vulnerability Assessment Solutions and Tools
  • Vulnerability Assessment Reports

6 – System Hacking

  • System Hacking Concepts
  • Gaining Access
  • Escalating Privileges
  • Maintaining Access
  • Clearing Logs

7 – Malware Threats

  • Malware Concepts
  • APT Concepts
  • Trojan Concepts
  • Virus and Worm Concepts
  • Fileless Malware Concepts
  • Malware Analysis
  • Countermeasures
  • Anti-Malware Software

8 – Sniffing

  • Sniffing Concepts
  • Sniffing Technique: MAC Attacks
  • Sniffing Technique: DHCP Attacks
  • Sniffing Technique: ARP Poisoning
  • Sniffing Technique: Spoofing Attacks
  • Sniffing Technique: DNS Poisoning
  • Sniffing Tools
  • Countermeasures
  • Sniffing Detection Techniques

9 – Social Engineering

  • Social Engineering Concepts
  • Social Engineering Techniques
  • Insider Threats
  • Impersonation on Social Networking Sites
  • Identity Theft
  • Countermeasures

10 – Denial-of-Service

  • DoS/DDoS Concepts
  • DoS/DDoS Attack Techniques
  • BotnetsDDoS Case Study
  • DoS/DDoS Attack Tools
  • Countermeasures
  • DoS/DDoS Protection Tools

11 – Session Hijacking

  • Session Hijacking Concepts
  • Application Level Session Hijacking
  • Network Level Session Hijacking
  • Session Hijacking Tools
  • Countermeasures

12 – Evading IDS, Firewalls, and Honeypots

  • IDS, IPS, Firewall, and Honeypot Concepts
  • IDS, IPS, Firewall, and Honeypot Solutions
  • Evading IDS
  • Evading Firewalls
  • IDS/Firewall Evading Tools
  • Detecting Honeypots
  • IDS/Firewall Evasion Countermeasures

13 – Hacking Web Servers

  • Web Server Concepts
  • Web Server Attacks
  • Web Server Attack Methodology
  • Web Server Attack Tools
  • Countermeasures
  • Patch Management
  • Web Server Security Tools

14 – Hacking Web Applications

  • Web Application Concepts
  • Web Application Threats
  • Web Application Hacking Methodology
  • Web API, Webhooks, and Web Shell
  • Web Application Security

15 – SQL Injection

  • SQL Injection Concepts
  • Types of SQL Injection
  • SQL Injection Methodology
  • SQL Injection Tools
  • Evasion Techniques
  • Countermeasures

16 – Hacking Wireless Networks

  • Wireless Concepts
  • Wireless Encryption
  • Wireless Threats
  • Wireless Hacking Methodology
  • Wireless Hacking Tools
  • Bluetooth Hacking
  • Countermeasures
  • Wireless Security Tools

17 – Hacking Mobile Platforms

  • Mobile Platform Attack Vectors
  • Hacking Android OS
  • Hacking iOS
  • Mobile Device Management
  • Mobile Security Guidelines and Tools

18 – IoT and OT Hacking

  • IoT Hacking
  • IoT Concepts
  • IoT Attacks
  • IoT Hacking Methodology
  • IoT Hacking Tools
  • Countermeasures
  • OT Hacking
  • OT Concepts
  • OT Attacks
  • OT Hacking Methodology
  • OT Hacking Tools
  • Countermeasures

19 – Cloud Computing

  • Cloud Computing Concepts
  • Container Technology
  • Serverless Computing
  • Cloud Computing Threats
  • Cloud Hacking
  • Cloud Security

20 – Cryptography

  • Cryptography Concepts
  • Encryption Algorithms
  • Cryptography Tools
  • Public Key Infrastructure (PKI)
  • Email Encryption
  • Disk Encryption
  • Cryptanalysis

Countermeasures

1 – Architectural Concepts and Design Requirements

  • Cloud Computing Concepts
  • Cloud Reference Architecture
  • Cloud Computing Security Concepts
  • Design Principles of Secure Cloud Computing
  • Trusted Cloud Services

2 – Cloud Data Security

  • CSA (Cloud Security Alliance) Cloud Data Lifecycle
  • Cloud Data Storage Architectures
  • Data Security Strategies
  • Data Discovery and Classification Technologies
  • Protecting Privacy and PII (Personally Identifiable Information)
  • Data Rights Management
  • Data Retention, Deletion, and Archiving Policies
  • Auditability, Traceability, and Accountability of Data Events

3 – Cloud Platform and Infrastructure Security

  • Cloud Infrastructure Components
  • Cloud Infrastructure Risks
  • Designing and Planning Security Controls
  • Disaster Recovery and Business Continuity Management

4 – Cloud Application Security

  • The Need for Security Awareness and Training in application Security
  • Cloud Software Assurance and Validation
  • Verified Secure Software
  • SDLC (Software Development Life Cycle) Process
  • Secure SDLC
  • Specifics of Cloud Application Architecture
  • Secure IAM (Identity and Access Management) Solutions

5 – Operations

  • Planning Process for the Data Center Design
  • Installation and Configuration of Physical Infrastructure for Cloud Environment
  • Running Physical Infrastructure for Cloud Environment
  • Managing Physical Infrastructure for Cloud Environment
  • Installation and Configuration of Logical Infrastructure for Cloud Environment
  • Running Logical Infrastructure for Cloud Environment
  • Managing Logical Infrastructure for Cloud Environment
  • Compliance with Regulations and Controls
  • Risk Assessment for Logical and Physical Infrastructure
  • Collection, Acquisition, and Preservation of Digital Evidence
  • Managing Communication with Stakeholders

6 – Legal and Compliance

  • Legal Requirements and Unique Risks within the Cloud Environment
  • Relevant Privacy and PII Laws and Regulations
  • Audit Process, Methodologies, and Required Adaptions for a Cloud Environment
  • Implications of Cloud to Enterprise Risk Management
  • Outsourcing and Cloud Contract Design
  • Vendor Management

More IT Certification Classes

What People Are Saying About Us

Vanessa Boston

Really good progression on Excel Levels 1-3. Was able to take a decent survey of the capability of Excel and work on target areas like V-LookUp which were of special importance to me. You can save the Manuals Work Books for reviewing and recreating lessons as practice

Ashley Lackey

Carolyn did a great job at teaching the class and making all of the information feel manageable and easy to understand. Although the class was small and quiet she stayed engaging and thorough the entire time. I would definitely recommend this class to others!

Marissa Hogan

Carolyn was a phenomenal teacher! I learned many new things from the Excel 3 course that I took; I can’t wait to take other courses that Data Creative offers.

Mariya Petrovska

I absolutely loved the trainings I have taken with Data Creative. The instructors are very professional, easy to follow, knowledgeable and friendly. The groups are relatively small, so you get personal attention. I highly recommend them for everyone that wants to learn new skills or improve their performance.

Tony Wilson

Awesome training at a very good pace. Trainers were very open to example scenarios and unique questions. Highly recommend!

John Andrew Kenyon

Today I was took the excel level 2 class with Data Creative. The instructor was very professional and knowledgeable. He presented everything available to the lesson and more. I will definitely be taking the 3rd lesson through Data Creative.

Alejandra Cabrera

I completed the level 1 and level 2 PowerPoint training with Damian and I learned so much! I’ve been using PowerPoint for a while and had no idea that there was so much you could do with it. Damian was very easy to follow, friendly, and willing to answer any and all questions. I would definitely recommend this course for anyone looking to fine tune their skills in PowerPoint.

Antoinette Medina

Excellent communication and class setup. Classes are well structured, not too fast-paced. Nice materials, easy to review and follow even if you do not have two screens!

Robert Chalmers

Trish was an excellent facilitator and very personable. The class, Excel Level 4, was easy to follow and she encourage us all day to ask questions! She supplied us with a lot of useful information and “extras”. I learned what I was hoping to learn and had fun doing it.

Jody Old

I took the Excel Level 1, 2, 3, and the Power Point class. I have worked with Excel for over 20 years and I am blown away on how much I thought I knew, but really didn’t know. I would recommend Data Creative to anyone who would want to learn more about what different programs can do. I will be looking forward to any other class my place of employment will want me to take through this company