EC-Council Certified Security Specialist Course Outline

Certified Security Specialist Course



Course Description

EC-Council Certified Security Specialist (ECSS) allows students to enhance their skills in three different areas, namely information security, network security, and computer forensics.

Note: EC-Council's fundamental courses are conducted by selected academic partners such as colleges and universities around the world.




 


Information Security Fundamentals

  • 2009 Data Breach Investigations Report
  • Security Threat Report 2009: SOPHOS
  • Data Breach Investigations Report
  • Internet Crime Report: IC3
  • Top Internet Security Threats of 2008
  • Emerging Cyber Threats Report for 2009
  • The Most Prevalent Web Vulnerabilities
  • Information Security
  • Need for Security
  • Cost of Computer Crime
  • The Security, Functionality, and Ease of Use Triangle
  • Common Terminologies
  • Elements of Information Security: CIA
  • Trends in Security
  • 20-Year Trend: Stronger Attack Tools
  • Information Security – More Than An IT Challenge For SME
  • Statistics Related to Security
  • Attack on Social Network Sites for Identity Theft
  • The Top Ten List Of Malware-hosting Countries in 2009
  • 2010 Threat Predictions
  • Information Security Laws and Regulations
  • Computer Misuse Act
  • Data Protection Act 1998
  • Gramm-Leach-Bliley Act

Addressing Threats

  • What is a Threat
  • Current Scenario
  • Knowing Terms: Vulnerability, Exploit
  • Internal Threat
  • Sniffing
  • External Threat
  • Types of External Threats
    • Social Engineering
      • Social Engineering Example 1
      • Social Engineering Example 2
    • Denial of Service Attacks
      • What are Denial of Service Attacks
      • Impact and the Modes of Attack
    • DoS Attack Tools
      • Jolt2
      • Bubonic.c
      • Land and LaTierra
      • Targa
    • Distributed Denial of Service Attack (DDoS)
      • Characteristics of DDoS Attacks
    • DDoS Attack Tool
      • DDoS Tool: Tribal Flood Network
      • DDoS Tool: Shaft
      • DDoS Tool: Trinity
      • stacheldraht
    • Virus and Worm
    • Trojan and Rootkit
      • Worms and their Role in DoS Attack
      • Worms and their Role in DoS Attack: Troj/Pointu-A
    • Corporate Espionage
      • Introduction To Corporate Espionage
      • Information that the Corporate Spies Seek
      • How the Information is Attacked
      • Insider Threat
      • Different Categories of Insider Threat
      • Process of Hacking
      • Corporate Espionage: Case Study
    • Employee Monitoring Tools
      • Activity Monitor
      • Imonitor Employee Activity Monitor
      • Chily Employee Activity Monitor
      • Net Spy Pro
      • Guardian Monitor Professional
      • Accidental Security Breach
      • Automated Computer Attack
      • Countermeasures
      • Vulnerabilities in Windows

Backdoors, Virus, and Worms

  • Introduction to Virus
  • Characteristics of a Virus
  • Working of Virus
  • Worms
  • Backdoors
  • What is a Trojan
    • Basic Working of Trojans
  • Overt and Covert Channels
  • How is a Worm Different from a Virus
  • Virus History
  • Stages of Virus Life
  • Modes of Virus Infection
  • Indications of Virus Attack
  • Underground Writers
  • Prevention is Better than Cure
  • Anti-Virus Systems
  • Anti-Virus Software
  • AVG Antivirus
  • Norton Antivirus
  • McAfee Spam Killer
  • McAfee VirusScan
  • F-Secure Anti-Virus
  • Kaspersky Anti-Virus  
  • How to Detect Trojans
  • Tool: Netstat
  • Tool: TCPView
  • Delete Suspicious Device Drivers
  • Check for Running Processes: What’s on My Computer
  • Super System Helper Tool
  • Tool: What's Running
  • Top 10 Latest Viruses

Introduction to the Linux Operating System

  • Linux
  • Linux Distributions
  • Linux – Basics
  • Why Do Hackers Use Linux
  • Why is Linux Hacked
  • How to Apply Patches to Vulnerable Programs
  • Linux Rootkits
    • Hacking Tool: Linux Rootkits
    • Knark & Torn
    • Tuxit, Adore, Ramen
    • Linux Rootkit: phalanx2
    • Beastkit
    • Rootkit Countermeasures
    • ‘chkrootkit’ Detects the Following Rootkits
  • Linux Hacking Tools
    • Scanning Networks
    • Nmap in Linux
    • Scanning Tool: Nessus
    • Port Scan Detection Tools
    • Password Cracking in Linux: John the Ripper
    • Firewall in Linux: IPTables
    • IPTables Command
    • Basic Linux Operating System Defense
    • SARA (Security Auditor's Research Assistant)
    • Linux Tool: Netcat
    • Linux Tool: tcpdump
    • Linux Tool: Snort
    • Linux Tool: SAINT
    • Linux Tool: Wireshark
    • Linux Under Attack: Compromised SSH Keys Lead to Rootkit

Password Cracking

  • Authentication – Definition
  • Authentication Mechanisms
  • HTTP Authentication
    • Basic Authentication
    • Digest Authentication
  • Microsoft Passport Authentication
  • What is a Password Cracker
  • Modus Operandi of an Attacker Using Password Cracker
  • How does a Password Cracker Work
  • Attacks – Classification
  • Password Guessing
  • Dictionary Maker
  • Password Cracking Tools
    • L0phtcrack (LC4)
    • John the Ripper
    • Brutus
    • Hydra
    • Cain & Abel
    • Other Password Cracking Tools
  • Security Tools
    • WebPassword
    • Password Administrator
    • Password Safe
    • Passwords: Dos and Don’ts
    • Password Generators

Cryptography

  • Basics of Cryptography
  • Public-key Cryptography
  • Working of Encryption
  • Digital Signature
  • What is SSH
  • SSH (Secure Shell)
  • RSA (Rivest Shamir Adleman)
  • Example of RSA algorithm
  • RSA Attacks
  • RSA Challenge
  • MD5
  • SHA (Secure Hash Algorithm)
  • Code Breaking: Methodologies
  • Disk Encryption
  • Cryptography Attacks
  • Role of Cryptography in Data Security
  • Magic Lantern
  • Cleversafe Grid Builder
  • Microsoft Cryptography Tools

Web Servers and Web Applications

  • Symantec Government Internet Security Threat Report, Published April 2009
  • Report: Active Servers Across All Domains
  • Top Web Server Developers
  • Web Servers
    • How Web Servers Work
    • Why Web Servers are Compromised
    • Web Application Vulnerabilities Categories
    • Popular Web Servers
    • IIS 7 Components
    • IIS Vulnerabilities
    • IIS Vulnerabilities Detection: Tools
    • Apache Vulnerability
    • Increasing Web Server’s Security
  • Web Applications
    • Web Application Architecture Components
    • Web Application Software Components
    • Web Application Setup
    • Web Application Threats
    • Cross-Site Scripting/XSS Flaws
    • An Example of XSS
    • Countermeasures
    • SQL Injection
    • Command Injection Flaws
    • Countermeasures
    • Cookie/Session Poisoning
    • Countermeasures
    • Instant Source
    • Wget
    • GUI for Wget
    • WebSleuth
    • BlackWidow
    • WindowBomb
    • WindowBomb: Report
    • Burpsuite
    • cURL

Wireless Networks

  • Wireless Networking
  • Effects of Wireless Attacks on Business
  • Wireless Standards
    • Wireless Standard: 802.11a
    • Wireless Standard: 802.11b – “WiFi”
    • Wireless Standard: 802.11g
    • Wireless Standard: 802.11i
    • Wireless Standard: 802.11n
    • Wireless Standard: 802.15 (Bluetooth)
    • Wireless Standard: 802.16 (WiMax)
  • Components of Wireless Network
  • Types of Wireless Network
  • Setting up WLAN
  • Detecting a Wireless Network
  • How to Access a WLAN
  • Advantages and Disadvantages of a Wireless Network
  • Antennas
  • SSID
  • Access Point Positioning
  • Rogue Access Points
  • Techniques to Detect Open Wireless Networks
  • Wireless Security Guidelines
  • Netstumbler Tool
  • MiniStumbler Tool
  • Kismet Tool

Intrusion Detection System

  • Intrusion Detection Systems
  • IDS Placement
  • Cybersecurity Plan to Boost IT Firms, But Doubts Persist
  • Types of Intrusion Detection Systems
  • Ways to Detect an Intrusion
  • System Integrity Verifiers (SIV)
  • General Indications of System Intrusions
  • General Indications of File System Intrusions
  • General Indications of Network Intrusions
  • Intrusion Detection Tools
    • Snort
  • IDS Testing Tool: Traffic IQ Professional
  • IDS Software Vendors

Firewalls and Honeypots

  • Introduction
  • Terminology
  • Firewall
    • What is a Firewall
    • What does a Firewall do
    • What can't a Firewall do
    • How does a Firewall Work
    • Firewall Operations
    • Hardware Firewall
    • Software Firewall
    • Types of Firewalls
    • Firewall Identification
    • Firewalking
    • Banner Grabbing
    • Placing Backdoors through Firewalls
  • Honeypot
    • What is a Honeypot
    • The Honeynet Project
    • Types of Honeypots    
    • Advantages and Disadvantages of a Honeypot
    • Where to Place a Honeypot
    • Honeypots
    • How to Set Up a Honeypot
    • Honeypot - KFSensor
    • Honeypot - SPECTER
    • Honeypot - honeyd
    • What to do When Hacked

Hacking Cycle

  • Hacking History
  • Who is a Hacker?
  • Types of Hackers
  • What Does a Hacker Do
    • Phase 1 - Reconnaissance
    • Reconnaissance Types
    • Phase 2 - Scanning
    • Phase 3 - Gaining Access
    • Phase 4 - Maintaining Access
    • Phase 5 - Covering Tracks
  • Types of Attacks on a System
  • Operating System Attacks
  • Application Level Attacks
  • Computer Crimes and Implications
  • Legal Perspective (US Federal Law)

Introduction to Ethical Hacking

  • Attacks Carried out Using Hacked PC
  • Hacker Classes
  • Hacktivism
  • Why Ethical Hacking is Necessary
  • Scope and Limitations of Ethical Hacking
  • What Do Ethical Hackers Do
  • How to Become an Ethical Hacker
  • Skills of an Ethical Hacker
  • Classification of Ethical Hacker
  • Jobs for Ethical Hackers: Job Skills in Order of Popularity
  • Jobs for Ethical Hacker
  • How Do They Go About It
  • Penetration Testing vis-à-vis Ethical Hacking
  • How to Simulate an Attack on the Network
  • Testing Approaches
  • General Prevention
  • Vulnerability Research Websites
  • Computer Crimes and Security Survey

Networking Revisited

  • Network Layers
  • Application Layer
  • Transport Layer
  • Internet Layer
  • Network Interface Layer
  • Physical Layer
  • Differentiating Protocols and Services
  • Mapping Internet Protocol to OSI
  • OSI Layers and Device Mapping
    • Network Security
  • Essentials of Network Security
  • Ingress and Egress Traffic
  • Data Security Threats over a Network
  • Network Security Policies
  • What Defines a Good Security Policy
  • Types of Network Security Policies
    • Sample Security Policy
    • Computer Acceptable Use Policy

Secure Network Protocols

  • Secure Network Protocols
    • E-mail Security Protocol - S/MIME
    • E-mail Security Protocol - PGP    
    • Web Security Protocol - SSL
    • Web Security Protocol - SSH
    • Web Security Protocol - HTTP
    • Web Security Protocol - HTTPS
    • VPN Security Protocol - IPSec
    • VPN Security Protocol - PPTP
    • VPN Security Protocol - L2TP
    • Wireless Security Protocol - WEP
    • VoIP Security Protocol - H.323
    • VoIP Security Protocol - SIP
  • Public Key Infrastructure (PKI)
  • Access Control Lists (ACL)
  • Authentication, Authorization, Accounting (AAA)
  • RADIUS    
  • TACACS+
  • Kerberos
  • Internet Key Exchange protocol (IKE)

Authentication

  • Authentication – Definition
  • Authentication ≠ Authorization
  • Authentication Mechanisms
  • HTTP Authentication
    • Basic Authentication
    • Digest Authentication
    • Certificate-based Authentication
    • Forms-based Authentication
  • RSA SecurID Token
  • Biometrics Authentication
  • Types of Biometrics Authentication
    • Face Recognition
    • Retina Scanning
    • Fingerprint-based Identification
    • Hand Geometry-based Identification
  • Digital Certificates
  • Attacks on Password Authentication

Network Attacks

  • Network Attacks
    • Denial of Service (DoS)
      • DoS Countermeasures
    • Scanning
      • Scanning Countermeasures
    • Packet Sniffing
      • Packet Sniffing Countermeasures
    • IP Spoofing
      • IP Spoofing Countermeasures
    • ARP Spoofing
      • ARP Spoofing Countermeasures
    • Session Hijacking
      • Session Hijacking Countermeasures
    • Spam Statistics-2009
    • Spamming
      • Spamming Countermeasures
    • Eavesdropping
      • Eavesdropping Countermeasures

Bastion Hosts and DMZ

  • Bastion Host - Introduction
  • Types of Bastion Hosts
  • Need for a Bastion Host
  • Basic Principles for Building a Bastion Host
  • General Requirements to Setup a Bastion Host
  • Hardware Requirements
  • Selecting the Operating System for the Bastion Host
  • Positioning the Bastion Host
    • Physical Location
    • Network Location
    • Select a Secure Location
  • Auditing the Bastion Host
  • Connecting the Bastion Host
  • Tool: IPSentry
  • What is DMZ
  • Different Ways to Create a DMZ
  • Where to Place Bastion Host in the DMZ
  • Benefits of DMZ

Proxy Servers

  • What are Proxy Servers
  • Benefits of a Proxy Server
  • Other Benefits of a Proxy Server
  • Working of a Proxy Server
  • Functions of a Proxy Server
  • Communication Via a Proxy Server
  • Proxy Server-to-Proxy Server Linking
  • Proxy Servers vs. Packet Filters
  • Networking Protocols for Proxy Servers
  • S-HTTP
  • Types of Proxy Servers
    • Transparent Proxies
    • Non-transparent Proxy
    • SOCKS
  • Proxy Server-based Firewalls
    • Wingate
    • Symantec Enterprise Firewall
  • Microsoft Internet Security & Acceleration Server (ISA)  
  • ISA Server 2006 components
  • Steps to Configure Proxy Server on IE
  • Limitations of a Proxy server
  • List of Proxy Sites

Virtual Private Network

  • What is a VPN
  • VPN Deployment
  • Tunneling Described
  • Types of Tunneling
  • Popular VPN Tunneling Protocols
  • VPN Security
  • VPN via SSH and PPP
  • VPN via SSL and PPP
  • VPN via Concentrator
  • Other Methods
  • VPN Registration and Passwords
  • Intro to IPSec
  • IPSec Services
  • Combining VPN and Firewalls
  • VPN Vulnerabilities

Introduction to Wireless Network Security

  • Introduction to Wireless Networking
  • Basics
  • Types of Wireless Networks
    • WLANS
    • WPANs
    • WMANs
    • WWANs
  • Antennas
  • SSIDs
  • Rogue Access Points
  • Tools to Detect Rogue Access Points: NetStumbler
  • Netstumbler
  • What is Wired Equivalent Privacy (WEP)
  • WEP Tool: AirSnort
  • 802.11 Wireless LAN Security
  • Limitations of WEP Security
  • Wireless Transportation Layer Security (WTLS)
  • Extensible Authentication Protocol (EAP) Methods
  • 802.11i
  • Wi-Fi Protected Access (WPA)
  • TKIP and AES
  • Denial of Service Attacks
  • Man-in-the-Middle Attack (MITM)
  • WIDZ, Wireless Intrusion Detection System
  • Securing Wireless Networks
  • Maximum Security: Add VPN to Wireless LAN

Module 21: Voice over Internet Protocol

  • VoIP Introduction
  • Benefits of VoIP
  • Basic VoIP Architecture
  • VoIP Layers
  • VoIP Standards
  • Wireless VoIP
  • VoIP Threats
  • VoIP Vulnerabilities
  • VoIP Security
  • Skype’s International Long Distance Share Grows, Fast.
  • VoIP Services in Europe
  • VoIP Sniffing Tools
    • AuthTool
    • VoIPong
    • Vomit
    • PSIPDump
    • Web Interface for SIP Trace (WIST)
  • VoIP Scanning and Enumeration Tools
    • SNScan
    • Netcat
    • SiVus
  • VoIP Packet Creation and Flooding Tools
    • SipBomber
    • Spitter
    • Scapy
  • VoIP Fuzzing Tools
    • Ohrwurm
    • SIP Forum Test Framework
    • Asteroid
  • VoIP Signaling Manipulation Tools
    • RTP Tools
  • Other VoIP Tools
    • Tcpdump
    • Wireshark
    • Softperfect Network Sniffer
    • HTTP Sniffer
    • SmartSniff
  • VoIP Troubleshooting Tools
    • P.862
    • RTCP XR – RFC3611

Computer Forensics Fundamentals

  • Forensic Science
  • Computer Forensics
  • Evolution of Computer Forensics
  • Objectives of Computer Forensics
  • Need for Computer Forensics
  • Cyber Crime
  • Modes of Attacks
  • Examples of Cyber Crime
  • Types of Computer Crimes
  • How Serious Are Different Types of Incidents
  • Disruptive Incidents to the Business
  • Time Spent Responding to the Security Incident
  • Cost Expenditure Responding to the Security Incident
  • Cyber Crime Investigation Process
  • Challenges in Cyber Crime Investigation
  • Rules of Forensic Investigation
  • Role of Forensics Investigator
  • Investigative Agencies: FBI
  • Investigative Agencies: National Infrastructure Protection Center
  • Role of Law Enforcement Agencies in Forensics Investigation
  • Reporting Security Breaches to Law Enforcement Agencies in the U.S.A
  • Cyber Laws
  • Approaches to Formulation of Cyber Laws
  • Some Areas Addressed by Cyber Law
  • Important Federal Statutes

Trademark, Copyright, and Patents

  • Trademark Infringement
    • Trademarks
    • Trademark Eligibility and Benefits of Registering It
    • Service Marks and Trade Dress
    • Trademark Infringement
    • Trademark Search
    • Monitoring Trademark Infringements
    • Key Considerations Before Investigating Trademark Infringements
    • Steps for Investigating Trademark Infringements
  • Copyright Infringement
    • Copyright and Copyright Notice
    • Investigating Copyright Status of a Particular Work
    • How Long Does a Copyright Last
    • U.S. Copyright Office
    • Doctrine of “Fair Use”
    • How are Copyrights Enforced
  • Plagiarism
    • Types of Plagiarism
    • Steps for Plagiarism Prevention
    • Plagiarism Detection Factors
  • Plagiarism Detection Tools
    • iParadigm’s: Plagiarism Detection Tool
    • iThenticate: Uploading Document
    • iThenticate: Generating Report
    • iThenticate: Report
    • Turnitin
    • Essay Verification Engine 2 (EVE2)
    • Jplag
    • Sherlock: Plagiarism Detector
    • Dupli Checker
    • SafeAssignment
    • PlagiarismDetect.com
  • Patent Infringement
    • Patent
    • Patent Infringement
    • Types of Patent Infringement
    • Patent Search USPTO Recommended Seven-step Strategy for Patent Search
  • Trademarks and Copyright Laws
    • U.S. Laws for Trademarks and Copyright
    • Indian Laws for Trademarks and Copyright
    • UK Laws for Trademarks and Copyright
    • Hong Kong Laws for Intellectual Property

Network and Router Forensics Fundamentals

  • Network Forensics
    • Challenges in Network Forensics
    • Internal Threat
    • External Threat
    • Network Attacks
    • Automated Computer Attack
    • Sources of Evidence on a Network
  • Traffic Capturing and Analysis Tools
    • Wireshark
    • Tcpdump
    • NetIntercept
    • CommView
    • EtherSnoop
    • eTrust Network Forensics
    • ProDiscover Investigator
    • Documenting the Evidence Gathered on a Network
    • Evidence Reconstruction for Investigation
  • Router Forensics
    • What is a Router
    • Functions of a Router
    • A Router in an OSI Model
    • Routing Table and its Components
    • Router Architecture
    • Implications of a Router Attack
    • Router Vulnerabilities
    • Types of Router Attacks
    • Router Attack Topology
      • Denial of Service (DoS) Attacks
      • Packet Mistreating Attacks
      • Routing Table Poisoning
      • Hit-and-Run and Persistent Attacks
    • Router Forensics Vs. Traditional Forensics
    • Investigating Routers
    • Seize the Router and Maintain Chain of Custody
    • Incident Response & Session Recording
    • Accessing the Router
    • Volatile Evidence Gathering
    • Router Investigation Steps
    • Link Logger  
    • Router Audit Tool (RAT)
    • Generate the Report

Incident Response and Forensics

  • Cyber Incident Statistics
  • What is an Incident
  • Security Incidents
  • Category of Incidents
    • Category of Incidents: Low Level
    • Category of Incidents: Mid Level
    • Category of Incidents: High Level
  • How to Identify an Incident
  • How to Prevent an Incident
  • Incident Management
  • Reporting an Incident
  • Pointers to Incident Reporting Process
  • Report a Privacy or Security Violation
  • Preliminary Information Security Incident Reporting Form
  • Incident Response Procedure
  • Incident Response Policy
  • Incident Response Checklist
  • Handling Incidents
  • Procedure for Handling Incidents
    • Preparation
    • Identification
    • Containment
    • Eradication
    • Recovery
    • Follow-up
  • Post-Incident Activity
  • CSIRT
    • CSIRT Overview
    • Need for CSIRT
    • How CSIRT Handles Case: Steps
    • Best Practices for Creating a CSIRT
  • CERT
  • World CERTs
  • GFIRST
  • FIRST
  • IRTs Around the World

Digital Evidence

  • Digital Evidence
  • Challenging Aspects of Digital Evidence
  • The Role of Digital Evidence
  • Characteristics of Digital Evidence
  • Fragility of Digital Evidence
  • Types of Digital Data
  • Rules of Evidence
  • Best Evidence Rule
  • Evidence Life Cycle
  • Digital Evidence Investigative Process
  • Where to Find Digital Evidence
  • Securing Digital Evidence
  • Documenting Evidence
  • Evidence Examiner Report
  • Handling Digital Evidence in a Forensics Lab
  • Obtaining a Digital Signature and Analyzing it
  • Processing Digital Evidence
  • Storing Digital Evidence
  • Evidence Retention and Media Storage Requirements
  • Forensics Tool: Dcode
  • Forensics Tool: WinHex
  • Forensics Tool: PDA Secure
  • Forensics Tool: Device Seizure

Understanding Windows, DOS, Linux, and Macintosh

  • File Systems
  • Types of File Systems
  • Understanding System Boot Sequence
  • Exploring Microsoft File Structures
  • Exploring Microsoft File Structures: FAT vs. NTFS
  • FAT
    • FAT Structure
  • NTFS
    • NTFS Architecture
    • NTFS System Files
  • Encrypted File Systems (EFS)
    • EFS File Structure
  • CDFS
  • Comparison of File Systems
  • Exploring Microsoft File Structures: Cluster
  • Gathering Evidence on Windows Systems
  • Gathering Volatile Evidence on Windows
  • Example: Checking Current Processes With Forensic Tool pslist
  • Example: Checking Open Ports With Forensic Tool fport
  • Checking Registry Entries
  • Features of Forensic Tool: Resplendent Registrar
  • How to Create a System State Backup
  • Windows Forensics Tool: Helix
  • Tools Present in Helix CD for Windows Forensics
  • Integrated Windows Forensics Software: X-Ways Forensics
  • Windows Forensics Tool: Traces Viewer
  • UNIX Overview
  • Linux Overview
  • Exploring Unix/Linux Disk Data Structures
  • Understanding Unix/Linux Boot Process
  • Understanding Linux Loader
  • Popular Linux File Systems
  • Use of Linux as a Forensics Tool
  • Advantages of Linux in Forensics
  • Popular Linux Forensics Tools
  • Mac OS X
  • Mac Security Architecture Overview
  • Exploring Macintosh Boot Tasks
  • Mac OS X File System
  • Mac Forensic Tool: MacLockPick
  • Mac Forensic Tool: MacAnalysis

Steganography

  • Introduction
  • Definition of Steganography
  • Model of Stegosystem
  • Application of Steganography
  • Steganography Vs. Cryptography
  • Classification of Steganography
  • Technical Steganography
  • Linguistic Steganography
  • Digital Steganography
  • Strides in Steganography
  • Different Forms of Steganography
    • Text File Steganography
      • Hiding Information In Text Files
    • Image File Steganography
    • Steganography - Steps for Hiding Information
    • Audio File Steganography
      • Low-bit Encoding in Audio Files
    • Video File Steganography
  • Hiding Information in DNA
  • Steganographic File System
  • Real World Applications of Steganography
  • Practical Applications of Steganography
  • Unethical Use of Steganography
  • Introduction to Stego-Forensics
  • Detecting Steganography
  • Detecting Text, Image, Audio and Video Steganography
  • Steganography Tools
    • Stegdetect
    • Stego Watch
    • Snow
    • Fort Knox
    • S-Tools
    • Steghide
    • Mp3Stego
    • Invisible Secrets

Analyzing Logs

  • Computer Security Logs
    • Operating System Logs
    • Application Logs
    • Security Software Logs
  • Importance of Logs in Forensics
  • Security Logging
  • Examining Intrusion and Security Events
  • Logon Event in Windows
  • Windows Log File
  • Logging in Windows
  • Remote Logging in Windows
  • Ntsyslog
  • Logs and Legal Issues
    • Legality of Using Logs
    • Laws and Regulations
  • Log Management
    • Functions of Log Management
    • Challenges in Log Management
  • Centralized Logging and Syslogs
    • Central Logging Design
    • Centralized Logging Setup
    • Logging in Unix / Linux - Syslog
    • Remote Logging with Syslog
    • Significance of Synchronized Time
    • Event Gathering
    • EventCombMT
    • Writing Scripts
    • Event Gathering Tools
    • Dumpel
    • LogDog
    • Forensic Tool: fwanalog
  • Log Capturing and Analysis Tools
  • Syslog-ng Logging System
  • WinSyslog Syslog Server
  • Kiwi Syslog Server  

E-mail Crime and Computer Forensics

  • Email System
  • Internet Protocols
  • Email Client
  • Email Server
  • Exploring the Roles of the Client and Server in E-mail
  • Phishing Attack
  • Reasons for Successful Phishing
  • Identifying E-mail Crimes and Violations
  • Investigating Email Crime and Violation
  • Obtain a Search Warrant and Seize the Computer and Email Account
  • Obtain a Bit-by-Bit Image of Email Information
  • Sending E-mail Using Telnet
  • Viewing E-mail Headers
  • Viewing Headers in Microsoft Outlook
  • Viewing Headers in AOL
  • Viewing Headers in Hotmail
  • Viewing Headers in Gmail
  • Gmail Header
  • Examining an E-mail Header
  • Tracing an E-mail Message
  • Using Network Logs Related to E-mail
  • Tracing Back
  • Tracing Back Web Based E-mail
  • Searching E-mail Addresses
  • E-mail Search Site
  • Using Specialized E-mail Forensic Tools
    • EnCase Forensic
    • FTK Imager  
    • FINALeMAIL
    • Netcraft  
    • eMailTrackerPro
    • E-mail Examiner
    • LoPe
  • U.S. Laws Against Email Crime: CAN-SPAM Act
  • Email Crime Law in Washington: RCW 19.190.020

Introduction to Writing Investigative Report

  • Computer Forensic Report
  • Significance of Investigative Reports
  • Computer Forensics Report Template
  • Report Specifications
  • Report Classification
  • What to Include in an Investigative Report
  • Layout of an Investigative Report
  • Writing a Report
  • Guidelines for Writing a Report
  • Salient Features of a Good Report
  • Important Aspects of a Good Report
  • Investigative Report Format
  • Attachments and Appendices
  • Report and Expert Opinion
  • Use of Supporting Material
  • Sample Forensic Report
  • Sample Report
  • Writing Report Using FTK

Computer Forensics as a Profession

  • Introduction
  • Developing Computer Forensics Resources
  • Computer Forensics Experts
  • Preparing for Computing Investigations
  • Enforcement Agency Investigations
  • Corporate Investigations
  • Maintaining Professional Conduct
  • Legal Issues
  • Approach to Forensic Investigation: A Case Study
  • Email Infidelity in a Computer Forensics Investigation Case Study
