Objectives of the training
At the end of this training, the participant will have a better understanding of the weaknesses and vulnerabilities of the systems and will be able to help his organization to reinforce the security controls of its systems in order to minimize the risk of incident.Targeted audience
Information Security Analyst / Administrator, Information Assurance (IA) Security Officer, Information Security Manager / Specialist, Information Systems Security Engineer / Manager, Information Security Professionals / Officers, Information Security / IT Auditors, Risk / Threat/Vulnerability Analyst, System Administrators, Network Administrators and EngineersPrerequisite
Computer Networking Skills (Network+)Trainers
Course architecture
Introduction to ethical hacking and penetration testing
- The main challenges that occupy the world of computer security, ethical hacking, controls, laws and standards in information security
Footprinting and recognition
- How to perform data collection (footprinting) and reconnaissance using the latest collection techniques and tools required for penetration testing.
Network Analysis
- Network analysis techniques and analysis countermeasures.
Access (enumeration)
- System access techniques taking advantage of previously identified vulnerabilities and countermeasures.
Vulnerability scanning
- Identify security vulnerabilities in the target organization's network, communication infrastructure and endpoints.
System hacking
- Systems hacking methodology, steganography, steganalysis attacks, and covering one's tracks to discover system and network vulnerabilities.
Malware Threats
- Overview of different types of malware (Trojans, viruses, worms, etc.), auditing of systems in anticipation of malware attacks, malware analysis and countermeasures.
Sniffing
- Discovering network vulnerabilities and countermeasures to prevent sniffing.
Social engineering
- Extortion techniques by establishing a false link of trust with the target (e.g. impersonating technical support). How to audit vulnerabilities at the human level to prevent them.
Denial of Service
- DoS/DDoS attack techniques and tools to audit a target and DoS/DDoS countermeasures
Session hijacking
- Session hijacking techniques by infiltrating at the application (http) or network (TCP) level, corrupting authentication/authorization, taking advantage of encryption weaknesses and countermeasures.
Bypassing
- Techniques for bypassing firewalls, intrusion detection systems and honeypots, tools and techniques for checking network perimeter weaknesses, and countermeasures.
Web server hacking
- Comprehensive attack methodology for checking web server infrastructure vulnerabilities, and countermeasures.
Web application hacking
- Penetration testing, security audit, vulnerability assessment and penetration testing roadmap.
SQL Injection
- SQL injection attack techniques to modify or retrieve data by interfering with SQL statements, injection detection tools to detect SQL injection attempts, and countermeasures.
Wireless Network Hacking
- Wireless encryption, wireless hacking methodology, wireless hacking tools, and Wi-Fi security tools.
Hacking of mobile platforms
- Attack vector , Android vulnerability exploitation, mobile security guidelines and tools.
IoT and OT hacking
- Threats to Internet of Things related platforms and operational technology (device performance tracking and monitoring) learn to defend IoT and IoT devices securely.
Cloud computing
- Cloud computing concepts (container technology, serverless computing), various threats/attacks, and security techniques and tools.
Pedagogical details
Training architecture
Participants share their real-life case scenarios with each other and apply what they have learned in an online lab.
Type of training
Training Notes
Cost of the exam included
Private or personalized training
If you have more than 8 people to sign up for a particular course, it can be delivered as a private session right at your offices. Contact us for more details.
Request a quotePrivate or personalized training
If you have more than 8 people to sign up for a particular course, it can be delivered as a private session right at your offices. Contact us for more details.
Request a quote