CEH v12 Certified Ethical Hacking

Who is a Certified Ethical Hacker?

A Certified Ethical Hacker is a specialist typically working in a red team environment, focused on attacking computer systems and gaining access to networks, applications, databases, and other critical data on secured systems. A C|EH® understands attack strategies, the use of creative attack vectors, and mimics the skills and creativity of malicious hackers. Unlike malicious hackers and actors, Certified Ethical Hackers operate with permission from the system owners and take all precautions to ensure the outcomes remain confidential. Bug bounty researchers are expert ethical hackers who use their attack skills to uncover vulnerabilities in the systems.

The Certified Ethical Hacker has been battle-hardened over the last 20 years, creating hundreds of thousands of Certified Ethical Hackers employed by top companies, militaries, and governments worldwide.

Training in a nutshell:
The C|EH program and C|EH exam cover a variety of topics that center around the Tactics and Procedures required to be a tactical cybersecurity professional. Focusing on the entire kill-chain process, C|EH covers a variety of topics from foot printing and reconnaissance, to scanning, gaining access, maintaining access, and covering your tracks. This 5-phase ethical hacking process applies to a variety of scenarios including traditional on-premises networks, cloud, hybrid, IoT systems, and stretches across a variety of topologies and application environments. Students will learn a variety of tools and techniques across this evaluation process as well as how hackers will utilize the same TTPs to hack into organizations.

Target audience:

• Mid-Level Information Security Auditor;
• Cybersecurity Auditor;
• Security Administrator;
• IT Security Administrator;
• Cyber Defense Analyst;
• Vulnerability Assessment Analyst;
• Warning Analyst;
• Information Security Analyst 1;
• Security Analyst L1;
• Infosec Security Administrator;
• Cybersecurity Analyst level 1, level 2, & level 3;
• Network Security Engineer;
• SOC Security Analyst;
• Security Analyst;
• Network Engineer;
• Senior Security Consultant;
• Information Security Manager;
• Senior SOC Analyst;
• Solution Architect;
• Cybersecurity Consultant

What’s New in the C|EH® v12
The C|EH® v12 is a specialized and one-of-a-kind training program to teach you everything you need to know about ethical hacking with hands-on training, labs, assessment, a mock engagement  practice, and global hacking competition.

The C|EH® v12 training program includes 20 modules covering various technologies, tactics, and procedures, providing prospective ethical hackers with the core knowledge needed to thrive in cybersecurity.

Prerequisites to the course (recommended):

There are no specific prerequisites for the C|EH program, however we strongly recommend candidates possess a minimum of 2 years’ experience in IT security before joining a C|EH training program.

C|EH training is about testing systems and using them for purposes not originally intended, candidates should understand the basic functions of those IT systems before attempting to hack them.

If you do not possess the foundational skills in IT and Networking, we recommend starting with our free cybersecurity Essentials Series found here: DFE – Digital Forensics Essentials; EHE – Ethical Hacking Essentials; NDE – Network Defence Essentials

What You Will Learn ?

• Key issues include plaguing the information security world, ethical hacking, information security controls, laws, and standards.
• Perform footprinting and reconnaissance using the latest footprinting techniques and tools as a critical pre-attack phase required in ethical hacking.
• Network scanning techniques and scanning countermeasures.
• Enumeration techniques and enumeration countermeasures.
• Vulnerability analysis to identify security loopholes in the target organization’s network, communication infrastructure, and end systems.
• System hacking methodology, steganography, steganalysis attacks, and covering tracks to discover system and network vulnerabilities.
• Different types of malware (Trojan, Virus, worms, etc.), system auditing for malware attacks, malware analysis, and countermeasures.
• Packet sniffing techniques to discover network vulnerabilities and countermeasures to defend sniffing.
• Social engineering techniques and how to identify theft attacks to audit humanlevel vulnerabilities and suggest social engineering countermeasures.
• DoS/DDoS attack techniques and tools to audit a target and DoS/DDoS countermeasures.
• Session hijacking techniques to discover network-level session management, authentication/authorization, cryptographic weaknesses, and countermeasures.
• Web server attacks and a comprehensive attack methodology to audit vulnerabilities in web server infrastructure, and countermeasures.
• Web application attacks and comprehensive web application hacking methodology to audit vulnerabilities in web applications, and countermeasures.
• SQL injection attack techniques, injection detection tools to detect SQL injection attempts, and countermeasures.
• Wireless encryption, wireless hacking methodology, wireless hacking tools, and Wi-Fi security tools.
• Mobile platform attack vector, android vulnerability exploitations, and mobile security guidelines and tools.
• Firewall, IDS and honeypot evasion techniques, evasion tools and techniques to audit a network perimeter for weaknesses, and countermeasures.
• Cloud computing concepts (Container technology, serverless computing), various threats/attacks, and security techniques and tools.
• Penetration testing, security audit, vulnerability assessment, and penetration testing roadmap.
• Threats to IoT and OT platforms and learn how to defend IoT and OT devices securely.
• Cryptography ciphers, Public Key Infrastructure (PKI), cryptography attacks, and cryptanalysis tools.

The training topics and description:

• Module 01: Introduction to Ethical Hacking
• Module 02: Foot Printing and Reconnaissance
• Module 03: Scanning Networks
• Module 04: Enumeration
• Module 05: Vulnerability Analysis
• Module 06: System Hacking
• Module 07: Malware Threats
• Module 08: Sniffing
• Module 09: Social Engineering
• Module 10: Denial-of-Service
• Module 11: Session Hijacking
• Module 12: Evading IDS, Firewalls, and Honeypots
• Module 13: Hacking Web Servers
• Module 14: Hacking Web Applications
• Module 15: SQL Injection
• Module 16: Hacking Wireless Networks
• Module 17: Hacking Mobile Platforms
• Module 18: IoT and OT Hacking
• Module 19: Cloud Computing
• Module 20: Cryptography

About The Exam

• Number of Questions: 125
• Test Duration: 4 Hours
• Test Format: Multiple Choice
• Test Delivery: ECC EXAM, VUE
• Exam Prefix: 312-50 (ECC EXAM), 312-50 (VUE)
• Passing Score: 70%

The exam can be taken at our Exam Centre

After completing this course, students will be able to:

• practice professional ethical hacking;
• act according to Cyber Kill chain and use it effectively;
• evaluate target systems for vulnerabilities, misconfiguration and weaknesses;
• find the weakest link in an organization through concepts like social engineering;
• understand, how hackers operate, what tactics they use, and how to apply those tactics in a professional setting to identify weaknesses in your organization
• apply remediation strategies before their organization becomes the next victim of a cyberattack or breach.

Training Principles:

Delivered through a carefully curated training plan that typically spans five days, the 12th version of the C|EH® continues to evolve to keep up with the latest OS, exploits, tools, and techniques. The concepts covered in the training programm are split 50/50 between knowledge-based training and hands-on application through our cyber range.Every tactic discussed in training is backed by step-by-step labs conducted in a virtualized environment with live targets, live tools, and vulnerable systems. Through our lab technology, every participant will have comprehensive hands-on practice to learn and apply their knowledge.”

About The CEH v12 Exam:

This knowledge-based exam will test your skills in Information Security Threats and Attack Vectors, Attack Detection, Attack Prevention, Procedures, Methodologies and more!

• Number of Questions: 125
• Test Duration: 4 Hours
• Test Format: Multiple Choice
• Test Delivery: ECC EXAM, VUE
• Exam Prefix: 312-50 (ECC EXAM), 312-50 (VUE)
• The exam can be taken at our Exam Centre

Trainer:
Ivica Gjorgjevski is a recognized expert in information and cyber security with more than 15 years of experience in this field. After 4 years working in the army, he joined the National Security Authority (Directorate for Security of Classified Information). Currently working as a head of the sector for information security. Besides the full-time job in the NSA, he also works for Semos Education, leading company in North Macedonia for IT education, as a certified EC-Council instructor and delivers cyber security trainings all over Europe. His field of expertise is ethical hacking, network defending, incident handling. He is currently holding some of the top cybersecurity certifications (CEH, CEI, CND, ECIH, CompTIA Security +).

The training price also includes:

• study materials;
• certificate;

Küsin koolituse kohta lisainfot