Objectives of the trainingAt the end of this training, the participant will have a better understanding of the weaknesses and vulnerabilities of the systems and will be able to help his organization to reinforce the security controls of its systems in order to minimize the risk of incident.
Targeted audienceInformation Security Analyst / Administrator, Information Assurance (IA) Security Officer, Information Security Manager / Specialist, Information Systems Security Engineer / Manager, Information Security Professionals / Officers, Information Security / IT Auditors, Risk / Threat/Vulnerability Analyst, System Administrators, Network Administrators and Engineers
PrerequisiteComputer Networking Skills (Network+)
- The main challenges that occupy the world of computer security, ethical hacking, controls, laws and standards in information security
- How to perform data collection (footprinting) and reconnaissance using the latest collection techniques and tools required for penetration testing.
- Network analysis techniques and analysis countermeasures.
- System access techniques taking advantage of previously identified vulnerabilities and countermeasures.
- Identify security vulnerabilities in the target organization's network, communication infrastructure and endpoints.
- Systems hacking methodology, steganography, steganalysis attacks, and covering one's tracks to discover system and network vulnerabilities.
- Overview of different types of malware (Trojans, viruses, worms, etc.), auditing of systems in anticipation of malware attacks, malware analysis and countermeasures.
- Discovering network vulnerabilities and countermeasures to prevent sniffing.
- Extortion techniques by establishing a false link of trust with the target (e.g. impersonating technical support). How to audit vulnerabilities at the human level to prevent them.
- DoS/DDoS attack techniques and tools to audit a target and DoS/DDoS countermeasures
- Session hijacking techniques by infiltrating at the application (http) or network (TCP) level, corrupting authentication/authorization, taking advantage of encryption weaknesses and countermeasures.
- Techniques for bypassing firewalls, intrusion detection systems and honeypots, tools and techniques for checking network perimeter weaknesses, and countermeasures.
- Comprehensive attack methodology for checking web server infrastructure vulnerabilities, and countermeasures.
- Penetration testing, security audit, vulnerability assessment and penetration testing roadmap.
- SQL injection attack techniques to modify or retrieve data by interfering with SQL statements, injection detection tools to detect SQL injection attempts, and countermeasures.
- Wireless encryption, wireless hacking methodology, wireless hacking tools, and Wi-Fi security tools.
- Attack vector , Android vulnerability exploitation, mobile security guidelines and tools.
- Threats to Internet of Things related platforms and operational technology (device performance tracking and monitoring) learn to defend IoT and IoT devices securely.
- Cloud computing concepts (container technology, serverless computing), various threats/attacks, and security techniques and tools.
Participants share their real-life case scenarios with each other and apply what they have learned in an online lab.
Type of training
Number of Questions: 125 Test Duration: 4 Hours Test Format: Multiple Choice Test Delivery: ECC EXAM, VUE Exam Prefix: 312-50 (ECC EXAM), 312-50 (VUE) Passing Score: In order to maintain the high integrity of our certification exams, EC-Council Exams are provided in multiple forms (I.e. different question banks). Each form is carefully analyzed through beta testing with an appropriate sample group under the purview of a committee of subject matter experts that ensure that each of our exams not only has academic rigor but also has real world applicability. We also have a process to determine the difficulty rating of each question. The individual rating then contributes to an overall cut score for each exam form. To ensure each form has equal assessment standards, cut scores are set on a “per exam form” basis. Depending on which exam form is challenged, cut scores can range from 60% to 85%.