Ethical Hacking and Prevention

This course is meant for those professionals who are looking for comprehensive and total
knowledge in the network security domain. This is the only course which teaches both
hacking and prevention techniques. And in keeping with Zoom's standards, this course is
entirely hands on and real time oriented. And need we say, the instructors are network
security and intrusion specialists with several years of experience.

Course Contents

 Introduction to Ethical Hacking

 Cryptography

 Wireless hacking

 Linux Hacking

 Phishing

 Countermeasures

www.zoomgroup.com
 Course Curriculum
Introduction to Ethical Hacking  Vulnerability Scanner tools
 What is Hacking  Finding more details about a vulnerability
 Who is a Hacker  What is a proxy server
 Skills of a Hacker  How does proxy server work
 Types of Hackers  Types of proxy servers
 Reasons for Hacking  How to find proxy servers
 Why do hackers use proxy servers
 Who are at the risk of Hacking attacks
 What is a TOR network
 Effects of Computer Hacking on an
organization  Why hackers prefer to use TOR
networks
 Network Security Challenges
 Elements of Information Security Hacking Web Servers & Web Applications
 The Security, Functionality & Usability  What is a web server
Triangle  Different webserver applications in use
 What is Ethical Hacking  Why are webservers hacked & its
 Why Ethical Hacking is Necessary consequences
 Scope & Limitations of Ethical Hacking  Directory traversal attacks
 What is Penetration Testing  Website defacement
 What is Vulnerability Auditing  Website password brute forcing
 How to defend against web server
Foot Printing hacking
 What is Foot Printing Session Hijacking
 Objectives of Foot Printing  What is session hijacking
 Finding a company’s details  Dangers of session hijacking attacks
 Finding a company’s domain name  Session hijacking techniques
 Finding a company’s Internal URLs  Cross-Site scripting attack
 Finding a company’s Public and Restricted  Session hijacking tools
URLs  How to defend against session hijacking
 Finding a company’s Server details
 Finding the details of domain registration SQL Injection
 Finding the range of IP Address  What is SQL Injection
 Finding the DNS information  Effects of SQL Injection attacks
 Finding the services running on the server
 Types of SQL Injection attacks
 SQL Injection detection tools
 Finding the location of servers
 Traceroute analysis Evading Firewalls, IDS & Honeypots
 Tracking e-mail communications  What is a Firewall
 What are the functions of a Firewall
Scanning  What is an IDS
 What is network scanning  How does an IDS work
 Objectives of network scanning  SPAN
 Finding the live hosts in a network  IDS tools
 SNMP Enumeration
 What is a honeypot
 Types of honeypots
 SMTP Enumeration
 Honeypot tools
 DNS Enumeration  Honeypot detection tools
 Finding open ports on a server
 Finding the services on a server Buffer Overflow
 OS fingerprinting  What is a buffer
 Understanding usage of buffers in
 Server Banner grabbing tools
applications
 What is a Vulnerability Scanning  What is buffer overflow
  Simple buffer overflow in C programming
 How to detect a buffer overflow
 How to defend against buffer overflow
attacks

www.zoomgroup.com
Denial of Service Phishing
 What is a DoS attack  What is Phishing
 What is a DDoS attack  How Phishing website is hosted
 Symptoms of a Dos attack  How victims are tricked to access
 DoS attack techniques Phishing websites
 What is a Botnet  How to differentiate a Phishing webpage
 Defending DoS attacks from the original webpage
 How to defend against Phishing attacks
Cryptography
 What is Cryptography Malware
 Types of cryptography  What is malware
 Cipher algorithms  Types of malware
 Public key infrastructure o Virus
 What is a Hash  What is a virus program
 Cryptography attacks  What are the properties of a
virus program
System Hacking  How does a computer get
 What is system Hacking infected by virus
 Goals of System Hacking  Types of virus
 Password Cracking  Virus making tools
 Password complexity  How to defend against virus
 Finding the default passwords of network attacks
devices and softwares o Worm
 Password cracking methods  What is a worm program
o Online password cracking  How worms are different from
 Man-in-the-middle attack virus
 Password guessing  Trojan
o Offline password cracking  What is a Trojan horse
 Brute force cracking  How does a Trojan operate
 Dictionary based cracking  Types of Trojans
 Hybrid attack
 Identifying Trojan infections
 USB password stealers
 How to defend against Trojans
 Elcomsoft Distributed password recovery
tools
o Spyware
 Active password changer
 What is a spyware
 What is a keylogger
 Types of spywares
 How to deploy a keylogger to a remote pc  How to defend against spyware
 How to defend against a keylogger  Rootkits
Sniffers  What is a Rootkit
 What is a sniffer
 Types of Rootkits
 How does Rootkit operate
 How sniffer works
 How to defend against Rootkits
 Types of sniffing
o Active sniffing
Kali Linux
o Passive Sniffing
 What is promiscuous mode  What is Kali Linux
 How to put a PC into promiscuous mode  How Kali Linux is different from other
 What is ARP Linux distributions
 ARP poison attack  What are the uses of Kali Linux
 Threats of ARP poison attack  Tools for Footprinting, Scanning &
 How MAC spoofing works Sniffing
 MAC Flooding  What is Metasploit framework
 What is a CAM Table  Using Metasploit framework to attack
 How to defend against MAC Spoofing Wiindows machines
attacks  Using Metasploit framework to attack
 How to defend against Sniffers in network Android devices

www.zoomgroup.com
Wireless Hacking IDS / IPS
 Types of wireless networks o What is an IDS
o What is a IPS
 Wi-Fi usage statistics o Difference between IDS & IPS
 Finding a Wi-Fi network o Placement of IDS in the
 Types of Wi-Fi authentications Network
o Configuring an IDS in the
o Using a centralized authentication Network
server o Placement of IPS in the
o Using local authentication Network
 Types of Wi-Fi encryption methods o Configuring an IPS in the
o WEP Network
o WPA  UTM / Next-Generation Firewall
o WPA2 o What is a UTM
o Features of UTM
 How does WEP work
o Difference between a Firewall &
 Weakness of WEP encryption a UTM
 How does WPA work o Placement of UTM in the
Network
 How does WPA2 work o Configuring a UTM in the
 Hardware and software required to crack Network
Wi-Fi networks o Monitoring attacks using UTM
 How to crack WEP encryption o Configuring IPS module in UTM
to detect and stop attacks
 How to crack WPA encryption
 How to crack WPA2 encryption Counter Measure Techniques for Local
 How to defend against Wi-Fi cracking Systems
attacks  Identifying the Vulnerabilities of a system
 Understanding the Vulnerabilities of a
system
o CVE ID
Penetration Testing
o Bugtraq ID
 What is Penetration Testing  Patch Management
 Types of Penetration Testing o Identifying the patch for a
 What is to be tested Vulnerability
o Downloading the Patch
o Testing the network devices for mis- o Testing the patch for stability in
configuration test environment
o Testing the servers and hosting o Deploying the patch to Live
applications for mis-configuration Network
o Testing the servers and hosting  Finding the missing updates in an
applications for vulnerabilities Operating System
o Testing wireless networks o Microsoft Baseline Security
o Testing for Denial of Service attacks Analyzer
o Belarc Advisor

Counter Measure Techniques for Network level Counter Measure Techniques for Malware
attacks Attacks
 Types of Firewall  Scanning systems for Malware infections
o Packet Filtering Firewall  Types of anti-malwares
o Circuit-Level Gateway Firewall o Anti-Virus
o Application-Level Firewall o Anti-Worm
o Stateful Multilayer Inspection o Anti-Trojan
Firewall o Anti-Rootkit
o Internet Security Suites
o Limitations of a Firewall
 HIDS

 HIPS

www.zoomgroup.com