Ethical Hacking Core Skills | EHCS
In this course you will learn the core skills to build a solid security foundation. You will examine in detail the traffic that traverses the network at the packet and binary level. You will build a solid knowledge of the lowest layers of the network. In the course, you will conduct extensive hands-on exercises. You will learn to master the TCP/IP protocol. You will learn essential UNIX and Linux survival skills that separate you from the many security professionals who are Windows centric..
Additionally, you will be introduced to vulnerability assessment and the hacking methodology. When you finish this course you will have a solid security foundation to pursue more advanced security training. For many, when you take a class like the Certified Ethical Hacker (CEH) you have not established the foundation that is needed to get the most from the course, this is where ethical hacking core skills come in, it is the bridge between a beginning level security course and CEH; furthermore, it focuses on the main concepts required to build a foundation in security.
Course Outline
Introduction To Required Skills For Security
- TCP/IP
- Unix/linux
- Introduction to the hacking process
- Virtualization
LAB: Security Skills Introduction
Security Model
- Authentication
- Confidentiality
- Integrity
- Availability
- Authorization
LAB: Security Model
Security Posture
- Promiscuous
- Paranoid
- Permissive
- Prudent
Security Posture
- Identifying services and allowing them
Risk Management
- Defining types of risk
- Types of risk
Introduction & Overview
- Introducing TCP/IP networks
- What TCP/IP Networks
- What TCP/IP provides: Key application services & multivendor capabilities TCP/IP & the internet
- Internet RFC’s & STDs
- TCP/IP Protocol architecture
- Protocol layering concepts
- TCP/IP layering
- Components of TCP/IP networks
- Network protocols (IP, TCP, UDP, ICMP)
LAB: TCP/IP
Transport protocols
- Packet headers
Encapsulation
LAB: The Layers
Analyzing Network Traffic
- Examining the data at the packet level
- Control flags of TCP
Identifying the characteristics of network connections
LAB: Analyzing Packets
Advanced Protocol Analysis
Using Protocol Analyzers
- tcpdump
- dsniff
- Wireshark
- Etherape
- Ettercap
LAB: Protocol Analysis I
Wireshark
- Leveraging the filter capabilities
- Working within the GUI
- Low level analysis
- Following session communication
- Customizing the interface
- Using the statistics features within the tool
- Text-based Wireshark
- Packet decomposition
LAB: Protocol Analysis II
Tcpreplay
- Using traffic replay for training & advanced analysis
Customizing & crafting packets
- Command line tools
- GUI based tools
LAB: Protocol Analysis III
Advanced features of Wireshark
- Filters
- Sessions
- Graphs
- Endpoints
- Statistics
- Custom
LAB: Advanced Wireshark
- Colasoft
- Hping
LAB: Crafting Packets
UNIX/Linux
- Interacting with UNIX
- Graphical user interfaces
- The Common Desktop Environment (CDE)
- GNOME, Java Desktop System, others
- The command line interface
- Entering commands to the shell
- Browsing online documentation
- Displaying man pages
- Managing Files
- Essential file housekeeping tools
- Copying: cp
- Renaming: mv
- Removing: rm
- Linking: ln
- Editing: vi
- Printing: lp, lpr
Root
- Ways to assume root
Lab: UNIX I
Working with the processes & jobs
- ps
- jobs
- kill
Disk Commands
- Mount
- Unmount
- df
- du
Working with files
- gunzip
- zcat
- tar
Searching files & directories
- find
- grep
- strings
Compiling programs
Password storage
Networking
Address resolution
Editors
Lab: UNIX II
Introducing Linux
- The UNIX heritage
- Linux inception
- Linux kernel & GNU tools
- Open source licensing
- Distributions
- Accessing the system
- The GNOME desktop
- Customizing panels, launchers & applets
- Examining graphical applications
- Personalizing the terminal window
- Starting at the command line
LAB: Linux
Overview of Virtual Machines
- Defining virtual machines (servers & workstations)
- Advantages of deploying VMs
- Creating a Virtual Machine from a System Image or Another Virtual Machine
- Conversion Process for Importing from Other Formats
- VMware Converter Compared to the Conversion Wizard
- Supported Source machines
- Operating System Compatibility
- Importing from Various Sources
Transferring Files & Text Between the Host & Guest
- Using drag-and-drop
- Enable or disable drag-and-drop
- Using copy & paste
- Enable or disable copy & paste
- Using shared folders
- Set up shared folders
- Enabling and disabling shared folders
- Viewing a shared folder
Preserving the State of a Virtual Machine
- Using the suspend & resume features
- Use hard suspend or soft suspend
- Suspend or resume a virtual machine
- Using snapshots
- Scenarios for using multiple snapshots
- Information captured by snapshots
- Snapshot conflicts
- Enable or disable background snapshots exclude a virtual disk from snapshots 193
- Snapshot manager overview
- Take a snapshot
- Rename a snapshot or recording
- Restore an earlier state from a snapshot
- Delete a snapshot or a recording
- Take or revert to a snapshot at power off
Configuring a Virtual Network
- Components of the virtual network
- Virtual switch
- DHCP server
- Netwrok adaptor
- Common networking configurations
Building complex virtual architectures to emulate enterprise architectures
Introduction to Vulnerability Assessment
- Defining vulnerability
- Vulnerability scanners
- Challenge of vulnerability assessment
- Penetration testing defined
- Enumeration
Introduction to the Hacking Process
Hacking Methodology
- Surveillance
- Foot printing
- Scanning
- Vulnerability assessment
- Exploitation
- Covering tracks
- Evasion
Challenges of Staying Current
- Books
- Mailing lists
- Videos
- Professional organizations
Course Objectives
Students who successfully complete this class will be able to:
- Explain the foundations of security to include in-depth knowledge of the TCP/IP protocol
- Analyze packets for irregularities
- Detect signs of crafted packets
- Perform advanced protocol analysis techniques
- Conduct low-level protocol analysis
- Display functional skills in Unix and Linux
- Deply virtualization and build your own virtual labs
- Identify the steps of vulnerability assessment and the hacking methodology
Who is it for?
In this course you will learn the core skills to build a solid security foundation. You will examine in detail the traffic that traverses the network at the packet and binary level. You will build solid knowledge on the lowest layers of the network. In the course, you will conduct extensive hands-on exercises. You will learn to master the TCP/IP protocol. You will learn essential UNIX and Linux survival skills that separate you from the many security professionals who are Windows centric.
Additionally, you will be introduced to vulnerability assessment and the hacking methodology. When you finish this course you will have a solid security foundation to pursue more advanced security training. For many, when you take a class like the Certified Ethical Hacker (CEH) you have not established the foundation that is needed to get the most from the course, this is where the Core Concepts course comes in, it is the bridge between a beginning level security course and CEH; furthermore, it focuses on the main concepts required to build a foundation in security.
Add the Mobile Security Tool Kit to Your Training
For the past several years we have offered our training on a mobile device so that you can take your training with you and eliminate the need to stream the videos. This device is the next generation mobile device. This is a fully loaded pen test tool kit comes equipped with a custom Linux Hacking OS and, wait for it… we can load your course (or 2) onto the device. In the sage words of Ray Bradbury, “Something Wicked This Way Comes.”