Ethical Hacking and Prevention
This course is meant for those professionals who are looking for comprehensive and total
knowledge in the network security domain. This is the only course which teaches both
hacking and prevention techniques. And in keeping with Zoom's standards, this course is
entirely hands on and real time oriented. And need we say, the instructors are network
security and intrusion specialists with several years of experience.
Course Contents
Introduction to Ethical Hacking
Footprinting, Scanning, and Enumeration
Hacking Web servers and Web applications
DoS, SQL injection, Buffer overflow attacks
Cryptography
Wireless hacking
Linux Hacking
Phishing
Countermeasures
www.zoomgroup.com
� Course Curriculum
Introduction to Ethical Hacking Vulnerability Scanner tools
What is Hacking Finding more details about a vulnerability
Who is a Hacker What is a proxy server
Skills of a Hacker How does proxy server work
Types of Hackers Types of proxy servers
Reasons for Hacking How to find proxy servers
Why do hackers use proxy servers
Who are at the risk of Hacking attacks
What is a TOR network
Effects of Computer Hacking on an
organization Why hackers prefer to use TOR
networks
Network Security Challenges
Elements of Information Security Hacking Web Servers & Web Applications
The Security, Functionality & Usability What is a web server
Triangle Different webserver applications in use
What is Ethical Hacking Why are webservers hacked & its
Why Ethical Hacking is Necessary consequences
Scope & Limitations of Ethical Hacking Directory traversal attacks
What is Penetration Testing Website defacement
What is Vulnerability Auditing Website password brute forcing
How to defend against web server
Foot Printing hacking
What is Foot Printing Session Hijacking
Objectives of Foot Printing What is session hijacking
Finding a company’s details Dangers of session hijacking attacks
Finding a company’s domain name Session hijacking techniques
Finding a company’s Internal URLs Cross-Site scripting attack
Finding a company’s Public and Restricted Session hijacking tools
URLs How to defend against session hijacking
Finding a company’s Server details
Finding the details of domain registration SQL Injection
Finding the range of IP Address What is SQL Injection
Finding the DNS information Effects of SQL Injection attacks
Finding the services running on the server
Types of SQL Injection attacks
SQL Injection detection tools
Finding the location of servers
Traceroute analysis Evading Firewalls, IDS & Honeypots
Tracking e-mail communications What is a Firewall
What are the functions of a Firewall
Scanning What is an IDS
What is network scanning How does an IDS work
Objectives of network scanning SPAN
Finding the live hosts in a network IDS tools
SNMP Enumeration
What is a honeypot
Types of honeypots
SMTP Enumeration
Honeypot tools
DNS Enumeration Honeypot detection tools
Finding open ports on a server
Finding the services on a server Buffer Overflow
OS fingerprinting What is a buffer
Understanding usage of buffers in
Server Banner grabbing tools
applications
What is a Vulnerability Scanning What is buffer overflow
Simple buffer overflow in C programming
How to detect a buffer overflow
How to defend against buffer overflow
attacks
www.zoomgroup.com
�Denial of Service Phishing
What is a DoS attack What is Phishing
What is a DDoS attack How Phishing website is hosted
Symptoms of a Dos attack How victims are tricked to access
DoS attack techniques Phishing websites
What is a Botnet How to differentiate a Phishing webpage
Defending DoS attacks from the original webpage
How to defend against Phishing attacks
Cryptography
What is Cryptography Malware
Types of cryptography What is malware
Cipher algorithms Types of malware
Public key infrastructure o Virus
What is a Hash What is a virus program
Cryptography attacks What are the properties of a
virus program
System Hacking How does a computer get
What is system Hacking infected by virus
Goals of System Hacking Types of virus
Password Cracking Virus making tools
Password complexity How to defend against virus
Finding the default passwords of network attacks
devices and softwares o Worm
Password cracking methods What is a worm program
o Online password cracking How worms are different from
Man-in-the-middle attack virus
Password guessing Trojan
o Offline password cracking What is a Trojan horse
Brute force cracking How does a Trojan operate
Dictionary based cracking Types of Trojans
Hybrid attack
Identifying Trojan infections
USB password stealers
How to defend against Trojans
Elcomsoft Distributed password recovery
tools
o Spyware
Active password changer
What is a spyware
What is a keylogger
Types of spywares
How to deploy a keylogger to a remote pc How to defend against spyware
How to defend against a keylogger Rootkits
Sniffers What is a Rootkit
What is a sniffer
Types of Rootkits
How does Rootkit operate
How sniffer works
How to defend against Rootkits
Types of sniffing
o Active sniffing
Kali Linux
o Passive Sniffing
What is promiscuous mode What is Kali Linux
How to put a PC into promiscuous mode How Kali Linux is different from other
What is ARP Linux distributions
ARP poison attack What are the uses of Kali Linux
Threats of ARP poison attack Tools for Footprinting, Scanning &
How MAC spoofing works Sniffing
MAC Flooding What is Metasploit framework
What is a CAM Table Using Metasploit framework to attack
How to defend against MAC Spoofing Wiindows machines
attacks Using Metasploit framework to attack
How to defend against Sniffers in network Android devices
www.zoomgroup.com
�Wireless Hacking IDS / IPS
Types of wireless networks o What is an IDS
o What is a IPS
Wi-Fi usage statistics o Difference between IDS & IPS
Finding a Wi-Fi network o Placement of IDS in the
Types of Wi-Fi authentications Network
o Configuring an IDS in the
o Using a centralized authentication Network
server o Placement of IPS in the
o Using local authentication Network
Types of Wi-Fi encryption methods o Configuring an IPS in the
o WEP Network
o WPA UTM / Next-Generation Firewall
o WPA2 o What is a UTM
o Features of UTM
How does WEP work
o Difference between a Firewall &
Weakness of WEP encryption a UTM
How does WPA work o Placement of UTM in the
Network
How does WPA2 work o Configuring a UTM in the
Hardware and software required to crack Network
Wi-Fi networks o Monitoring attacks using UTM
How to crack WEP encryption o Configuring IPS module in UTM
to detect and stop attacks
How to crack WPA encryption
How to crack WPA2 encryption Counter Measure Techniques for Local
How to defend against Wi-Fi cracking Systems
attacks Identifying the Vulnerabilities of a system
Understanding the Vulnerabilities of a
system
o CVE ID
Penetration Testing
o Bugtraq ID
What is Penetration Testing Patch Management
Types of Penetration Testing o Identifying the patch for a
What is to be tested Vulnerability
o Downloading the Patch
o Testing the network devices for mis- o Testing the patch for stability in
configuration test environment
o Testing the servers and hosting o Deploying the patch to Live
applications for mis-configuration Network
o Testing the servers and hosting Finding the missing updates in an
applications for vulnerabilities Operating System
o Testing wireless networks o Microsoft Baseline Security
o Testing for Denial of Service attacks Analyzer
o Belarc Advisor
Counter Measure Techniques for Network level Counter Measure Techniques for Malware
attacks Attacks
Types of Firewall Scanning systems for Malware infections
o Packet Filtering Firewall Types of anti-malwares
o Circuit-Level Gateway Firewall o Anti-Virus
o Application-Level Firewall o Anti-Worm
o Stateful Multilayer Inspection o Anti-Trojan
Firewall o Anti-Rootkit
o Internet Security Suites
o Limitations of a Firewall
HIDS
HIPS
www.zoomgroup.com
