Certified Ethical Hacker

Course Title: Certified Ethical Hacker (CEH)

Duration: 40 hrs. (3days/ week, 2 hr/day)
Version: CEH Version
Course Fee: 2!,000/" #k
Hackers are here. Where are you?
Co$%&ters aro&nd the world are syste$atically 'ein( )icti$i*ed 'y ra$%ant
hackin(. #his hackin( is not only wides%read, '&t is 'ein( e+ec&ted so ,awlessly that
the attackers co$%ro$ise a syste$, steal e)erythin( of )al&e and co$%letely erase
their tracks within 20 $in&tes.
#he (oal of the ethical hacker is to hel% the or(ani*ation take %ree$%ti)e
$eas&res a(ainst $alicio&s attacks 'y attackin( the syste$ hi$self- all the while
stayin( within le(al li$its. #his %hiloso%hy ste$s fro$ the %ro)en %ractice of tryin(
to catch a thief, 'y thinkin( like a thief. .s technolo(y ad)ances and or(ani*ation
de%end on technolo(y increasin(ly, infor$ation assets ha)e e)ol)ed into critical
co$%onents of s&r)i)al.
/f hackin( in)ol)es creati)ity and thinkin( 0o&t"of"the"'o+1, then )&lnera'ility
testin( and sec&rity a&dits will not ens&re the sec&rity %roo2n( of an or(ani*ation. #o
ens&re that or(ani*ations ha)e ade3&ately %rotected their infor$ation assets, they
$&st ado%t the a%%roach of 0defense in de%th1.
/n other words, they $&st %enetrate their networks and assess the sec&rity
%ost&re for )&lnera'ilities and e+%os&re.
#he de2nition of an Ethical Hacker is )ery si$ilar to a 4enetration #ester. #he
Ethical Hacker is an indi)id&al who is &s&ally e$%loyed with the or(ani*ation and
who can 'e tr&sted to &ndertake an atte$%t to %enetrate networks and/or co$%&ter
syste$s &sin( the sa$e $ethods as a Hacker. Hackin( is a felony in the 5nited
6tates and $ost other co&ntries. 7hen it is done 'y re3&est and &nder a contract
'etween an Ethical Hacker and an or(ani*ation, it is le(al. #he $ost i$%ortant %oint
is that an Ethical Hacker has a&thori*ation to %ro'e the tar(et.
#he CEH 4ro(ra$ certi2es indi)id&als in the s%eci2c network sec&rity disci%line of
Ethical Hackin( fro$ a )endor"ne&tral %ers%ecti)e. #he Certi2ed Ethical Hacker
certi2cation will fortify the a%%lication knowled(e of sec&rity of2cers, a&ditors,
sec&rity %rofessionals, site ad$inistrators, and anyone who is concerned a'o&t the
inte(rity of the network infrastr&ct&re. . Certi2ed Ethical Hacker is a skilled
%rofessional who &nderstands and knows how to look for the weaknesses and
)&lnera'ilities in tar(et syste$s and &ses the sa$e knowled(e and tools as a
$alicio&s hacker.
Ethical Hackin( and Co&nter$eas&res #rainin( 4ro(ra$
Course Description:
#his class will i$$erse the st&dent into an interacti)e en)iron$ent where they will
'e shown how to scan, test, hack and sec&re their own syste$s. #he la' intensi)e
en)iron$ent (i)es each st&dent in"de%th knowled(e and %ractical e+%erience with
the c&rrent essential sec&rity syste$s.
6t&dents will 'e(in 'y &nderstandin( how %eri$eter defenses work and then 'e lead
into scannin( and attackin( their own networks, no real network is har$ed. 6t&dents
then learn how intr&ders escalate %ri)ile(es and what ste%s can 'e taken to sec&re a
syste$. 6t&dents will also learn a'o&t /ntr&sion 8etection, 4olicy Creation, 6ocial
En(ineerin(, 88o6 .ttacks, 9&ffer :)er,ows and Vir&s Creation. 7hen a st&dent
lea)es this intensi)e co&rse they will ha)e hands on &nderstandin( and e+%erience in
Ethical Hackin(.


#his co&rse %re%ares yo& for EC"Co&ncil Certi2ed Ethical Hacker e+a$ 3;2"!0
Who Should Attend
#his co&rse will si(ni2cantly 'ene2t sec&rity of2cers, a&ditors, sec&rity %rofessionals,
site ad$inistrators, and anyone who is concerned a'o&t the inte(rity of the network
infrastr&ct&re.
CEH ! E"a# $%&ecties
E+a$ Code: 3;2"!0
<o. of 3&estions: ;!0
8&ration: 4 ho&rs
4assin( score: =0>
'ntroduction to Ethical Hackin(
? 5nderstand Ethical Hackin( ter$inolo(y
? 8e2ne the @o' role of an ethical hacker
? 5nderstand the different %hases in)ol)ed in ethical hackin(
? /dentify different ty%es of hackin( technolo(ies
? Aist the ! sta(es of ethical hackin(B
? 7hat is hackti)is$B
? Aist different ty%es of hacker classes
? 8e2ne the skills re3&ired to 'eco$e an ethical hacker
? 7hat is )&lnera'ility researchB
? 8escri'e the ways in cond&ctin( ethical hackin(
? 5nderstand the Ae(al i$%lications of hackin(

Hackin( )a*s
? 5nderstand 5.6. 6ec&rely 4rotect Co&rself .(ainst Cy'er #res%ass .ct
(64C .C#)
? 5nderstand ;D 5.6.C. E ;030 56 Federal Aaw
? 5nderstand Federal Gana(ers Financial /nte(rity .ct of ;HD2
? 5nderstand #he Freedo$ of /nfor$ation .ct ! 5.6.C. E !!2
? 5nderstand Federal /nfor$ation 6ec&rity Gana(e$ent .ct (F/6G.)
? 5nderstand #he 4ri)acy .ct :f ;H=4 ! 5.6.C. E !!2a
? 5nderstand 56. 4atriot .ct of 200;
Footprintin(
? 8e2ne the ter$ Foot%rintin(
? 8escri'e infor$ation (atherin( $ethodolo(y
? 8escri'e co$%etiti)e intelli(ence
? 5nderstand 8<6 en&$eration
? 5nderstand 7hois, .I/< look&%
? /dentify different ty%es of 8<6 records
? 5nderstand how tracero&te is &sed in Foot%rintin(
? 5nderstand how e"$ail trackin( works
? 5nderstand how we' s%iders work
+oo(le Hackin(
? 8e2ne Joo(le hackin(
? 7hat a hacker can do with )&lnera'le site
? How to &se Joo(le as a 4ro+y 6er)er
? 7hat is Joo(le Hackin( 8ata'ase (JH89)
? 5nderstand #ra)ersal #echni3&es
Scannin(
? 8e2ne the ter$ %ort scannin(, network scannin( and
? )&lnera'ility scannin(
? 5nderstand the CEH scannin( $ethodolo(y
? 5nderstand 4in( 6wee% techni3&es
? 5nderstand n$a% co$$and switches
? 5nderstand 6C<, 6tealth, KG.6, <5AA, /8AE and F/< scans
? Aist #C4 co$$&nication , a( ty%es
? 5nderstand 7ar dialin( techni3&es
? 5nderstand 'anner (ra''in( and :F 2n(er %rintin( techni3&es
? 5nderstand how %ro+y ser)ers are &sed in la&nchin(
? an attack How does anony$i*ers work
? 5nderstand H##4 t&nnelin( techni3&es
? 5nderstand /4 s%oo2 n( techni3&es

Enu#eration
? 7hat is En&$erationB
? 7hat is $eant 'y n&ll sessions
? 7hat is 6<G4 en&$erationB
? 7hat are the ste%s in)ol)ed in %erfor$in( en&$erationB
Syste# Hackin(
? 5nderstandin( %assword crackin( techni3&es
? 5nderstandin( different ty%es of %asswords
? /dentifyin( )ario&s %assword crackin( tools
? 5nderstand Escalatin( %ri)ile(es
? 5nderstandin( keylo((ers and other s%yware technolo(ies
? 5nderstand how to Hide 2 les
,nderstandin( rootkits
? 5nderstand 6te(ano(ra%hy technolo(ies
? 5nderstand how to co)erin( yo&r tracks and erase e)idences
Tro&ans and -ackdoors
? 7hat is a #roLanB
? 7hat is $eant 'y o)ert and co)ert channelsB
? Aist the different ty%es of #roLans
? 7hat are the indications of a #roLan attackB
? 5nderstand how M<etcatN #roLan works
? 7hat is $eant 'y Mwra%%in(N
? How does re)erse connectin( #roLans workB
? 7hat are the co&nter$eas&re techni3&es in %re)entin( #roLansB
? 5nderstand #roLan e)adin( techni3&es
Viruses and Wor#s
? 5nderstand the difference 'etween an )ir&s and a 7or$
? 5nderstand the ty%es of Vir&ses
? How a )ir&s s%reads and infects the syste$
? 5nderstand anti)ir&s e)asion techni3&es
? 5nderstand Vir&s detection $ethods
Sniffers
? 5nderstand the %rotocol s&sce%ti'le to snif2 n(
? 5nderstand acti)e and %assi)e snif2 n(
? 5nderstand .I4 %oisonin(
? 5nderstand ethereal ca%t&re and dis%lay 2 lters
? 5nderstand G.C , oodin(
? 5nderstand 8<6 s%oo2 n( techni3&es
? 8escri'e snif2 n( co&nter$eas&res

Social En(ineerin(
? 7hat is 6ocial En(ineerin(B
? 7hat are the Co$$on #y%es of .ttacks
? 5nderstand 8&$%ster 8i)in(
? 5nderstand Ie)erse 6ocial En(ineerin(
? 5nderstand /nsider attacks
? 5nderstand /dentity #heft
? 8escri'e 4hishin( .ttacks
? 5nderstand :nline 6ca$s
? 5nderstand 5IA o'f&scation
? 6ocial En(ineerin( co&nter$eas&res
.hishin( and 'dentity Theft
? 7hat are the reasons for s&ccessf&l %hishin(
? 5nderstand different %hishin( $ethods
? 5nderstand the %hishin( %rocess
? 5nderstand the ty%e of %hishin( attacks
? 4hishin( co&nter$eas&res
htt%://www.ecco&ncil.

Hackin( E#ail Accounts
? 7hat are the different ways to (et infor$ation of e$ail acco&nt
? 7hat do yo& &nderstand 'y cookie stealin(
? 5nderstand %assword %hishin(
? E$ail sec&rity
Denial/of/Serice
? 5nderstand the ty%es of 8o6 .ttacks
? 5nderstand how 88o6 attack works
? 5nderstand how 9:#s/9:#<E#6 work
? 7hat is Ms$&rf N attack
? 7hat is M6C<N , oodin(
? 8escri'e the 8o6/88o6 co&nter$eas&res
Session Hi&ackin(
? 5nderstand 6%oo2n( )s. HiLackin(
? Aist the ty%es of 6ession HiLackin(
? 5nderstand 6e3&ence 4rediction
? 7hat are the ste%s in %erfor$in( session hiLackin(
? 8escri'e how yo& wo&ld %re)ent session hiLackin(

Hackin( We% Serers
? Aist the ty%es of we' ser)er )&lnera'ilities
? 5nderstand the attacks .(ainst 7e' 6er)ers
? 5nderstand //6 5nicode e+%loits
? 5nderstand %atch $ana(e$ent techni3&es
? 5nderstand 7e' .%%lication 6canner
? 7hat is Getas%loit Fra$eworkB
? 8escri'e 7e' 6er)er hardenin( $ethods
We% Application Vulnera%ilities
? 5nderstandin( how we' a%%lication works
? :'Lecti)es of we' a%%lication hackin(
? .nato$y of an attack
? 7e' a%%lication threats
? 5nderstand Joo(le hackin(
? 5nderstand 7e' .%%lication Co&nter$eas&res
We%/-ased .ass*ord Crackin( Techni0ues
? Aist the .&thentication ty%es
? 7hat is a 4assword CrackerB
? How does a 4assword Cracker workB
? 5nderstand 4assword .ttacks " Classi2 cation
? 5nderstand 4assword Crackin( Co&nter$eas&res
S1) 'n&ection
? 7hat is 6OA inLectionB
? 5nderstand the 6te%s to cond&ct 6OA inLection
? 5nderstand 6OA 6er)er )&lnera'ilities
? 8escri'e 6OA /nLection co&nter$eas&res
htt%://www.ecco&ncil.or(
Hackin( Wireless 2et*orks
? :)er)iew of 7E4, 74. a&thentication syste$s and crackin( techni3&es
? :)er)iew of wireless 6niffers and 66/8, G.C 6%oo2 n(
? 5nderstand Io(&e .ccess 4oints
? 5nderstand 7ireless hackin( techni3&es
? 8escri'e the $ethods in sec&rin( wireless networks
.hysical Security
? 4hysical sec&rity 'reach incidents
? 5nderstandin( %hysical sec&rity
? 7hat is the need for %hysical sec&rityB
? 7ho is acco&nta'le for %hysical sec&rityB
? Factors affectin( %hysical sec&rity

)inu" Hackin(
? 5nderstand how to co$%ile a Ain&+ Pernel
? 5nderstand JCC co$%ilation co$$ands
? 5nderstand how to install APG $od&les
? 5nderstand Ain&+ hardenin( $ethods
E)adin( /86, Firewalls and 8etectin( Honey 4ots
? Aist the ty%es of /ntr&sion 8etection 6yste$s and e)asion techni3&es
? Aist 2rewall and honey%ot e)asion techni3&es
htt%://www.ecco&ncil.

-uffer $er3 o*s
? :)er)iew of stack 'ased '&ffer o)er, ows
? /dentify the different ty%es of '&ffer o)er,ows and $ethods of detection
? :)er)iew of '&ffer o)er,ow $&tation techni3&es
Crypto(raphy
? :)er)iew of cry%to(ra%hy and encry%tion techni3&es
? 8escri'e how %&'lic and %ri)ate keys are (enerated
? :)er)iew of G8!, 6H., IC4, IC!, 9low2 sh al(orith$s
.enetration Testin(
? :)er)iew of %enetration testin( $ethodolo(ies
? Aist the %enetration testin( ste%s
? :)er)iew of the 4en"#est le(al fra$ework
? :)er)iew of the 4en"#est deli)era'les
? Aist the a&to$ated %enetration testin( tools