Objectives of the trainingAt the end of this training, the participant will have a better understanding of the weaknesses and vulnerabilities of the systems and will be able to help his organization to reinforce the security controls of its systems in order to minimize the risk of incident.
Targeted audienceInformation Security Analyst / Administrator, Information Assurance (IA) Security Officer, Information Security Manager / Specialist, Information Systems Security Engineer / Manager, Information Security Professionals / Officers, Information Security / IT Auditors, Risk / Threat/Vulnerability Analyst, System Administrators, Network Administrators and Engineers
PrerequisiteComputer Networking Skills (Network+)
- The main challenges that occupy the world of computer security, ethical hacking, controls, laws and standards in information security
- How to perform data collection (footprinting) and reconnaissance using the latest collection techniques and tools required for penetration testing.
- Network analysis techniques and analysis countermeasures.
- System access techniques taking advantage of previously identified vulnerabilities and countermeasures.
- Identify security vulnerabilities in the target organization's network, communication infrastructure and endpoints.
- Systems hacking methodology, steganography, steganalysis attacks, and covering one's tracks to discover system and network vulnerabilities.
- Overview of different types of malware (Trojans, viruses, worms, etc.), auditing of systems in anticipation of malware attacks, malware analysis and countermeasures.
- Discovering network vulnerabilities and countermeasures to prevent sniffing.
- Extortion techniques by establishing a false link of trust with the target (e.g. impersonating technical support). How to audit vulnerabilities at the human level to prevent them.
- DoS/DDoS attack techniques and tools to audit a target and DoS/DDoS countermeasures
- Session hijacking techniques by infiltrating at the application (http) or network (TCP) level, corrupting authentication/authorization, taking advantage of encryption weaknesses and countermeasures.
- Techniques for bypassing firewalls, intrusion detection systems and honeypots, tools and techniques for checking network perimeter weaknesses, and countermeasures.
- Comprehensive attack methodology for checking web server infrastructure vulnerabilities, and countermeasures.
- Penetration testing, security audit, vulnerability assessment and penetration testing roadmap.
- SQL injection attack techniques to modify or retrieve data by interfering with SQL statements, injection detection tools to detect SQL injection attempts, and countermeasures.
- Wireless encryption, wireless hacking methodology, wireless hacking tools, and Wi-Fi security tools.
- Attack vector , Android vulnerability exploitation, mobile security guidelines and tools.
- Threats to Internet of Things related platforms and operational technology (device performance tracking and monitoring) learn to defend IoT and IoT devices securely.
- Cloud computing concepts (container technology, serverless computing), various threats/attacks, and security techniques and tools.
Participants share their real-life case scenarios with each other and apply what they have learned in an online lab.
Type of training
Cost of the exam included