Course Duration: 6 Weeks & 6 Months
Chandigarh School of Ethical Hacking offers the Certified Ethical Hacker (CEH) course in both 6-week and 6-month formats. The following is the syllabus that trainees will cover in this course. Ethical hacking is a vast field, and 6 weeks are not enough to understand everything. Still, we do our best to make these 6 weeks as valuable as possible for trainees. The 6-month format, on the other hand, covers all the topics in detail.
Syllabus (6 Weeks)
- Basics of Network Security (Study of TCP/IP Protocol, Various Type of Ports, IPv4, IPv6 and many more.)
- Architecture of Linux OS
- Hands-on Practice with Various Commands of Linux Operating System (VMware Workstation)
- WiFi Hacking & Its Security
- Possible Network Attacks & Countermeasures
- IP Packet Capturing
- Packet Crafting
- Port Scanning & Security
- Network Firewall (Recommended Rules for a Secure Network)
- Various Case Studies For Network Security
- OWASP Overview
- SQL Injection Attack
- Cross Site Scripting Attack
- Local File Inclusion & Remote File Inclusion
- CSRF (Cross Site Request Forgery) Attack
- Web Application Firewall
- Windows Hacking & Security
- Remote Access Attack (RAT)
- Social Engineering Attacks (Facebook Hacking Etc.)
- Phishing
- Email Spoofing
- Man in the Middle Attack (MITM)
- DoS Attack (Denial of Service)
- Browser Security
- Malware Analysis (Basic)
- ISO 27001 (Overview)
Syllabus (6 Months)
Part 1 (Network Security)
- Basics of Network (For Beginners)
- How Network Architecture Works?
- Study of Open Systems Interconnection (OSI) Model
- Working Architecture of Linux Operating System (Backtrack 5, Kali Linux)
- Various commands of Linux
- Network Scanning & Security Management
- Need of Network Firewalls & Recommended Rule sets for a secure network
- Hacking a Network to Get Root Access
- Packet Capturing
- Manual Packet Crafting
- Metasploit
- WiFi Hacking & Security Countermeasures
- Network Hijacking With a RAT (Remote Access Trojan)
- Taking Down a Website by performing DoS (Denial of Service) Attack
- DoS Attack Security Mitigations
- Best Security Practices to Make A Network Secure
- Various Case Studies
Part 2 (Web Security)
- Working Architecture of Website & Web Server
- Browser Security
- Intercepting Requests & Responses of Browser
- OWASP Overview
- SQL Injection Attack (Blind SQLi, Error-Based SQLi, Time-Based SQLi, Boolean-Based SQLi)
- Security Techniques to Secure a Website from SQL Injection Attack
- Cross Site Scripting Attack (Persistent XSS, Stored XSS, DOM Based XSS)
- Security Techniques to Secure a Website from XSS (Cross Site Scripting) Attack
- CSRF (Cross Site Request Forgery) Attack (In Detail)
- Local File Inclusion (LFI) & Remote File Inclusion (RFI) Attack (In Detail)
- Security Misconfiguration Vulnerabilities
- Social Engineering
- Phishing (Gmail, Facebook and Other Social Websites)
- Email Spoofing
- Google Hacking
- Information Gathering
- Web Application Penetration Testing (VAPT)
- Best Practices to Secure MySQL, MSSQL and Web Servers
- Various Case Studies
Part 3 (Operating System Security)
- Windows Architecture & File System
- Possible Windows Attacks & Countermeasures
- Hacking Windows (Remote Code Execution and RAT)
- User Account Password Bypassing
- Windows Server Hardening
- Linux Architecture & File System
- Linux Server Hardening
- Study of Various Kali Linux Tools
- User Experience of VMware Workstation
- Common Linux & Windows Mistakes Which Cause Cyber Attacks
- Best Practices to Secure Linux & Windows Operating System
- Various Case Studies
Part 4 (Digital Forensics)
- Basics of Digital Forensics
- Browser Investigation (Cookies, Session Keys, Cache)
- Disk-Based Forensics (Investigation of External Storage Devices: USB, Hard Drives, Memory Cards, etc.)
- Data Recovery
- 6 A’s of Digital Forensics
- Network Forensics & Collecting Evidence for a Particular Case
- Windows Registry Forensics
- Log Analysis
- Malicious Packet Tracing
- Malware Removal
- Memory Analysis of Linux & Windows OS
- Use of Volatility & EnCase
- Various Case Studies
Part 5 (Compliance)
- IT Laws & Acts
- ISO 27001:2005
- PCI DSS
Final Exam: After 10 Days of Course Completion