Ethics and Legality

• Ethics and Legality
• Understand Ethical Hacking terminology
• Define the Job role of an ethical hacker
• Understand the different phases involved in ethical hacking
• Identify different types of hacking technologies
• List the 5 stages of ethical hacking?
• What is hacktivism?
• List different types of hacker classes
• Define the skills required to become an ethical hacker
• What is vulnerability research?
• Describe the ways in conducting ethical hacking
• Understand the Legal implications of hacking
• Understand 18 U.S.C. § 1030 US Federal Law

Footprinting

• Define the term Footprinting
• Describe information gathering methodology
• Describe competitive intelligence
• Understand DNS enumeration
• Understand Whois, ARIN lookup
• Identify different types of DNS records
• Understand how  traceroute is used in Footprinting
• Understand how e-mail tracking works
• Understand how web spiders work

Scanning

• Define the term port scanning, network scanning and vulnerability scanning
• Understand the CEH scanning methodology
• Understand Ping Sweep techniques
• Understand nmap command switches
• Understand SYN, Stealth, XMAS, NULL, IDLE and FIN scans
• List TCP communication flag types
• Understand War dialing techniques
• Understand banner grabbing and OF fingerprinting techniques
• Understand how proxy servers are used in launching an attack
• How does anonymizers work
• Understand HTTP tunneling techniques
• Understand IP spoofing techniques

Enumeration

• What is Enumeration?
• What is meant by null sessions
• What is SNMP enumeration?
• What are the steps involved in performing enumeration?

System hacking 

• Understanding password cracking techniques
• Understanding different types of passwords
• Identifying various password cracking tools
• Understand Escalating privileges
• Understanding keyloggers and other spyware technologies
• Understand how to Hide files
• Understanding rootkits
• Understand Steganography technologies
• Understand how to covering your tracks and erase evidences

Trojans and Backdoors 

• What is a Trojan?
• What is meant by overt and covert channels?
• List the different types of Trojans
• What are the indications of a Trojan attack?
• Understand how “Netcat” Trojan works
• What is meant by “wrapping”
• How does reverse connecting Trojans work?
• What are the countermeasure techniques in preventing Trojans?
• Understand Trojan evading techniques

Sniffers 

• Understand the protocol susceptible to sniffing
• Understand active and passive sniffing
• Understand ARP poisoning
• Understand ethereal capture and display filters
• Understand MAC flooding
• Understand DNS spoofing techniques
• Describe sniffing countermeasures

Denial of Service 

• Understand the types of DoS Attacks
• Understand how DDoS attack works
• Understand how BOTs/BOTNETS work
• What is “smurf” attack
• What is “SYN” flooding
• Describe the DoS/DDoS countermeasures

Social Engineering 

• What is Social Engineering?
• What are the Common Types of Attacks
• Understand Dumpster Diving
• Understand Reverse Social Engineering
• Understand Insider attacks
• Understand Identity Theft
• Describe Phishing Attacks
• Understand Online Scams
• Understand URL obfuscation
• Social Engineering countermeasures

Session Hijacking 

• Understand Spoofing vs. Hijacking
• List the types of Session Hijacking
• Understand Sequence Prediction
• What are the steps in performing session hijacking
• Describe how you would prevent session hijacking

Hacking Web Servers 

• List the types of web server vulnerabilities
• Understand the attacks Against Web Servers
• Understand IIS Unicode exploits
• Understand patch management techniques
• Understand Web Application Scanner
• What is Metasploit Framework?
• Describe Web Server hardening methods

Web Application Vulnerabilities 

• Understanding how web application works
• Objectives of web application hacking
• Anatomy of an attack
• Web application threats
• Understand Google hacking
• Understand Web Application Countermeasures

Web Based Password Cracking Techniques 

• List the Authentication types
• What is a Password Cracker?
• How does a Password Cracker work?
• Understand Password Attacks - Classification
• Understand Password Cracking Countermeasures

SQL Injection 

• What is SQL injection?
• Understand the Steps to conduct SQL injection
• Understand SQL Server vulnerabilities
• Describe SQL Injection countermeasures

Wireless Hacking 

• Overview of WEP, WPA authentication systems and cracking techniques
• Overview of wireless Sniffers and SSID, MAC Spoofing
• Understand Rogue Access Points
• Understand Wireless hacking techniques
• Describe the methods in securing wireless networks

Virus and Worms 

• Understand the difference between an virus and a Worm
• Understand the types of Viruses
• How a virus spreads and infects the system
• Understand antivirus evasion techniques
• Understand Virus detection methods

Physical Security 

• Physical security breach incidents
• Understanding physical security
• What is the need for physical security?
• Who is accountable for physical security?
• Factors affecting physical security

Linux Hacking 

• Understand how to compile a Linux Kernel
• Understand GCC compilation commands
• Understand how to install LKM modules
• Understand Linux hardening methods

Evading IDS, Honeypots and Firewalls 

• List the types of Intrusion Detection Systems and evasion techniques
• List firewall and honeypot evasion techniques

Buffer Overflows 

• Overview of stack based buffer overflows
• Identify the different types of buffer overflows and methods of detection
• Overview of buffer overflow mutation techniques

Cryptography 

• Overview of cryptography and encryption techniques
• Describe how public and private keys are generated
• Overview of MD5, SHA, RC4, RC5, Blowfish algorithms

Penetration Testing Methodologies 

• Overview of penetration testing methodologies
• List the penetration testing steps
• Overview of the Pen-Test legal framework
• Overview of the Pen-Test deliverables
• List the automated penetration testing tools