Free Certified Ethical Hacker (CEH) V12: Your Pathway to CEH Training For Certification – ITU Online IT Training
+1 855.488.5327 customerservice@ituonline.com Mon – Fri: 9:00am – 5:00pm ET
Login To My Training Cart
Ready to start learning? Individual Plans →Team Plans →
[ Course ]

Free Certified Ethical Hacker (CEH) V12: Your Pathway to CEH Training For Certification

Learn ethical hacking techniques and gain practical skills to identify vulnerabilities, assess security risks, and strengthen your organization’s defenses.


231 Hrs 13 Min1,035 Videos1,296 QuestionsCertificate of CompletionClosed Captions

Free Certified Ethical Hacker (CEH) V12: Your Pathway to CEH Training For Certification



Enroll Now

When a security team wants to know whether a firewall rule actually holds up under pressure, or whether a weak password policy can be cracked in minutes, they do not need theory. They need someone who can test the environment the way an attacker would, then explain the risk clearly enough that leadership will fund the fix. That is exactly where Certified Ethical Hacker training earns its keep. In this course, you learn to approach systems with an attacker’s mindset while staying firmly inside legal and professional boundaries. You are not memorizing trivia. You are learning how to find weakness, prove it responsibly, and help an organization close the gap before someone else finds it first.

This on-demand course is built around EC-Council® Certified Ethical Hacker (C|EH™) training, and I designed it to help you build real working confidence, not just passively absorb terminology. You will move through the same core ideas security teams use every day: reconnaissance, scanning, enumeration, exploitation, evasion, social engineering, wireless assessment, cloud and IoT exposure, and reporting. If you have ever looked at a network and thought, “I understand the pieces, but I do not yet know how an attacker thinks,” this course is for you.

What Certified Ethical Hacker training actually teaches you

Let me be direct: ethical hacking is not about running a few tools and calling yourself a tester. The value is in understanding how each phase of an attack works, why a weakness matters, and how to document it in a way a system owner can act on. This Certified Ethical Hacker course teaches you that end-to-end workflow. You begin with the legal and ethical framework that separates approved testing from reckless behavior, then move into the technical methods attackers use to map a target and discover vulnerabilities. Once you understand the terrain, you learn how to validate weaknesses in operating systems, web applications, network devices, wireless networks, cloud services, and IoT environments.

That sequence matters. Too many students try to jump straight to flashy exploitation tools without understanding reconnaissance or enumeration. That is backwards. In real assessments, the quality of your findings depends on how well you collect information, how carefully you interpret it, and how cleanly you verify the exposure. In this course, you will use tools such as Nmap, Wireshark, Metasploit, and Kali Linux in context, not as isolated demos. You will also learn how social engineering fits into the broader attack chain, because people remain one of the most reliable entry points in any security program.

By the time you finish, you should be able to explain not just what is vulnerable, but how it could be abused, why it matters to the business, and what should be done next. That is the difference between a tool user and a security professional.

  • Understand ethical hacking concepts and legal authorization
  • Map networks and identify live hosts, open ports, and exposed services
  • Interpret scan results and prioritize likely attack paths
  • Validate weaknesses in web, wireless, cloud, and endpoint environments
  • Write findings that management and technical teams can both use

How this Certified Ethical Hacker course builds practical skill

Every serious security professional needs more than definitions. You need a repeatable process. I structured this training so you can think in phases, the way real testers and defenders do. First comes recon: gathering information without tipping your hand. Then scanning: identifying reachable systems and services. Then enumeration: pulling out details that reveal user accounts, software versions, shares, banners, protocols, and misconfigurations. After that comes exploitation, where you confirm whether the flaw is actually usable. Finally, you translate the technical result into risk, impact, and remediation.

The reason this matters is simple. A vulnerability that looks serious in a report may turn out to be low-risk in context, while a small-looking misconfiguration may be the exact foothold an attacker needs. This course teaches you to evaluate both the technical and operational sides of a finding. For example, a weak SNMP configuration, an exposed administrative interface, or a careless file share may not sound dramatic until you trace how credentials, privilege escalation, or lateral movement could turn that weakness into a real incident.

You will also develop the habit of verifying before concluding. That is one of the most important traits in a Certified Ethical Hacker. Good testers do not guess. They confirm. They document. They show evidence. And they stop once they have proven the risk. That discipline is what employers want, because it separates ethical testing from disruptive tinkering.

Good ethical hacking is controlled pressure-testing. You are not trying to break everything; you are trying to prove where control is weak enough to matter.

Tools and techniques you will use in the field

This course gives you meaningful exposure to the tools you will actually hear about in security jobs and penetration testing conversations. Nmap helps you discover hosts, ports, services, and operating system clues. Wireshark shows you packet-level behavior, which is often where authentication problems, protocol misuse, and data leakage become obvious. Metasploit gives you a structured way to validate exploitability when a known weakness is present. Kali Linux serves as your testing environment, giving you a flexible, security-focused toolkit for assessments.

But the tools are only half the story. The skill is knowing when to use them and how to interpret what they show you. A port scan that finds an open service is not the final answer; it is the beginning of an investigation. A packet capture is not just traffic noise; it may reveal clear-text credentials, suspicious retransmissions, or insecure negotiation. A successful exploit demonstration is not a trophy; it is evidence that a control failed under realistic conditions.

We also spend time on the kinds of techniques that appear in actual assessments:

  • Network discovery and service enumeration
  • Web application assessment basics
  • Operating system exposure and privilege paths
  • Wireless reconnaissance and security weakness analysis
  • Social engineering awareness and defensive controls
  • Cloud and IoT attack surface review

If you are aiming for Certified Ethical Hacker credibility, this hands-on mindset matters more than any single command or screenshot. Tools change. Methods endure.

Certified Ethical Hacker exam preparation without the fluff

If you are taking this course because you want EC-Council® Certified Ethical Hacker (C|EH™) alignment, you need a study path that helps you think the way the exam expects you to think. This training is designed to reinforce the terminology, workflows, and decision-making patterns tied to the certification. That means you will not only learn attack concepts, but also the logic behind selecting the right technique, identifying the right evidence, and understanding why one defense blocks a particular method while another does not.

The CEH exam style rewards broad familiarity with ethical hacking concepts across multiple domains. You should expect to understand reconnaissance, enumeration, vulnerability analysis, system hacking concepts, malware awareness, sniffing, social engineering, session hijacking, web attacks, wireless attacks, cloud, cryptography fundamentals, and more. This course helps you build that breadth without losing sight of practical application. I always tell students that the easiest mistakes on a certification exam come from shallow memorization. If you truly understand the workflow, the answer choices start to make sense.

Use this course to prepare for the certification the right way:

  1. Learn the concept before chasing the tool.
  2. Understand the attack phase before memorizing the exploit type.
  3. Match the weakness to the control that would prevent it.
  4. Practice interpreting evidence rather than guessing from jargon.
  5. Review the reporting and remediation angle, because security is not only about attack.

That is how you turn Certified Ethical Hacker study time into real readiness instead of short-lived test memory.

Who should take this course and where it fits in your career

This course is a strong fit if you already work in IT and want to move closer to offensive security, risk analysis, or security operations. I built it with working professionals in mind: cybersecurity analysts, network administrators, security engineers, penetration testers, IT auditors, and technical support staff who want to sharpen their understanding of how systems are actually abused. If you are in a role where you already troubleshoot authentication issues, manage firewalls, interpret logs, or support endpoint tools, you probably have more useful background than you think.

You do not need to arrive as an expert. A basic working knowledge of networking, operating systems, and web concepts is enough to begin. What helps most is curiosity and discipline. If you like asking “How would this fail?” and “What would an attacker try next?” you are already thinking in the right direction. Beginners can absolutely benefit, but this is not a passive overview course. You will get more from it if you are willing to pause, repeat, and practice the reasoning behind the actions.

Career-wise, the Certified Ethical Hacker path can support roles such as:

  • Security analyst
  • Penetration tester
  • Cyber defense specialist
  • Vulnerability management analyst
  • Security consultant
  • IT auditor focused on technical control validation

Salary ranges vary by region and experience, but in the United States, security analysts and entry-level penetration testing roles often start in the low-to-mid six figures, while experienced testers and consultants can climb considerably higher. The credential alone does not create value; the skill set does. This course helps you build the skill set employers notice.

Why the skills in this course matter in real organizations

Most breaches are not the result of one genius attacker solving an impossible problem. They usually come from a chain of smaller failures: weak access control, unpatched software, exposed services, poor segmentation, careless users, and inadequate monitoring. Certified Ethical Hacker training gives you the ability to see that chain before it becomes an incident. That is why organizations pay attention to people who can test defenses responsibly. They are not just looking for a person who knows security vocabulary. They want someone who can help them reduce risk in measurable terms.

Think about the situations where this knowledge pays off immediately. A security team needs to validate whether a new wireless deployment exposes the internal network. An auditor wants evidence that a legacy server is still reachable from places it should not be. A cloud team needs to know whether public storage, over-permissive IAM roles, or exposed management interfaces could become a problem. A manager asks whether a phishing simulation demonstrates real business risk or just user curiosity. These are not abstract questions. They are daily operational issues.

When you can explain how a weakness leads to compromise, you become useful across teams. You help defenders prioritize. You help engineers fix the right thing. You help management see why a control matters. That is why Certified Ethical Hacker skills remain relevant even when toolsets and attack methods change. The ability to analyze exposure, validate it, and communicate it is durable. It is one of the few cybersecurity skills that translates across industries.

How you will approach reporting, remediation, and professional conduct

A lot of learners underestimate reporting. I do not. In real work, your report is often more important than your exploit demo. If your findings are unclear, incomplete, or impossible to act on, the assessment has limited value. In this course, you will learn how to document evidence, describe impact in business-friendly terms, and recommend remediation steps that make sense to the people who have to implement them. That includes technical fixes, policy changes, hardening measures, and validation steps.

Professional conduct matters just as much. Ethical hacking is not permission to improvise beyond scope. You need to understand authorization, boundaries, disclosure practices, and responsible testing behavior. That discipline protects you, your client, and the organization’s systems. It also builds trust, and trust is what gets security professionals invited back to do deeper work.

When you report, focus on clarity:

  • What asset was tested
  • What weakness was observed
  • How the issue could be abused
  • What the likely impact is
  • How to remediate it
  • How to verify the fix

That structure sounds simple, but it is the difference between a report that gets filed away and a report that drives action. A strong Certified Ethical Hacker knows how to prove risk and communicate it without drama.

What you should know before you begin

You do not need prior certification to start this course, and that is intentional. Still, you will benefit more if you are comfortable with basic networking concepts such as IP addressing, DNS, ports, common protocols, and the idea of client-server communication. Familiarity with Windows and Linux command-line basics will help, as will a working understanding of web browsing, accounts, permissions, and simple security terminology. If those areas feel shaky, you can still succeed here, but you should be ready to slow down and reinforce fundamentals as you go.

I also recommend bringing patience. Ethical hacking is a skill you build by repetition. The first time you interpret a scan result, it may feel mechanical. The fifth time, you will start spotting patterns. The tenth time, you will think in attack paths almost automatically. That is the level you want. Not because it sounds impressive, but because it helps you protect systems with confidence instead of guesswork.

If your goal is to earn EC-Council® Certified Ethical Hacker (C|EH™) alignment, move through the course with a notebook, test your understanding after each topic, and practice explaining each vulnerability in plain English. If you can do that, you are not just preparing for a certification. You are training yourself to function like a capable security professional.

EC-Council® and C|EH™ are trademarks of EC-Council. This content is for educational purposes.

Certified Ethical Hacker (CEH) v12 Course Content

Download Outline

Module 1 – Introduction To Ethical Hacking
  • 1.0 Introduction to CEH v12
  • 1.1 Elements of Security
  • 1.2 Cyber Kill Chain
  • 1.3 MITRE ATT&CK Framework
  • 1.3.1 Activity – Researching the MITRE ATTACK Framework
  • 1.4 Hacking
  • 1.5 Ethical Hacking
  • 1.6 Information Assurance
  • 1.7 Risk Management
  • 1.8 Incident Management
  • 1.9 Information Security Laws and Standards
  • 1.10 Introduction to Ethical Hacking Review
Module 2: Footprinting and Reconnaissance
  • 2.1 Footprinting Concepts
  • 2.2 OSINT Tools
  • 2.2.1 Activity – Conduct OSINT with OSR Framework
  • 2.2.2 Activity – OSINT with theHarvester
  • 2.2.3 Activity – Add API Keys to theHarvester
  • 2.2.4 Activity – Extract Document Metadata with FOCA
  • 2.2.5 Activity – Extract Document Metadata with FOCA
  • 2.3 Advanced Google Search
  • 2.3.1 Activity – Google Hacking
  • 2.4 Whois Footprinting
  • 2.4.1 Activity – Conducting Whois Research
  • 2.5 DNS Footprinting
  • 2.5.1 Activity – Query DNS with NSLOOKUP
  • 2.6 Website Footprinting
  • 2.6.1 Activity – Fingerprint a Webserver with ID Serve
  • 2.6.2 Activity – Extract Data from Websites
  • 2.6.3 Activity – Mirror a Website with HTTrack
  • 2.7 Email Footprinting
  • 2.7.1 Activity – Trace a Suspicious Email
  • 2.8 Network Footprinting
  • 2.9 Social Network Footprinting
  • 2.10 Footprinting and Reconnaissance Countermeasures
  • 2.11 Footprinting and Reconnaissance Review
Module 3: Scanning Networks
  • 3.1 Scanning Concepts
  • 3.2 Discovery Scans
  • 3.2.1 Activity – ICMP ECHO and ARP Pings
  • 3.2.2 Activity – Host Discovery with Angry IP Scanner
  • 3.3 Port Scans
  • 3.3.1 Activity – Port Scan with Angry IP Scanner
  • 3.4 Other Scan Types
  • 3.5 Scanning Tools
  • 3.5.1 Activity – Hping3 Packet Crafting
  • 3.5.2 Activity – Fingerprinting with Zenmap
  • 3.6 NMAP
  • 3.6.1 Activity – Nmap Basic Scans
  • 3.6.2 Activity – Host Discovery with Nmap
  • 3.6.3 – Activity – Nmap Version Detection
  • 3.6.4 Activity – Nmap Idle (Zombie) Scan
  • 3.6.5 Activity – Nmap FTP Bounce Scan
  • 3.6.6 – Activity – NMAP Scripts
  • 3.7 Firewall and IDS Evasion
  • 3.7.1 Activity – Nmap Advanced Scans
  • 3.8 Proxies
  • 3.9 Scanning Countermeasures
  • 3.10 Scanning Networks Review
Module 4: Enumeration
  • 4.1 Enumeration Overview
  • 4.2 SMB_NetBIOS_Enumeration
  • 4.2.1 Activity – Enumerate NetBIOS Information with Hyena
  • 4.3 File Transfer Enumeration
  • 4.4 WMI Enumeration
  • 4.4.1 – Activity – Enumerating WMI with Hyena
  • 4.5 SNMP Enumeration
  • 4.5.1 Activity – Enumerate WMI, SNMP and Other Information Using SoftPerfect
  • 4.6 LDAP Enumeration
  • 4.7 DNS Enumeration
  • 4.8 SMTP Enumeration
  • 4.8.1 Activity – Enumerate Email Users with SMTP
  • 4.9 Remote Connection Enumeration
  • 4.10 Website Enumeration
  • 4.10.1 Activity – Enumerate a Website with DirBuster
  • 4.11 Other Enumeration Types
  • 4.12 Enumeration Countermeasures and Review
Module 5: Vulnerability Analysis
  • 5.1 Vulnerability Scanning
  • 5.1.1 Vulnerability Scanning with OpenVAS
  • 5.2 Vulnerability Assessment
  • 5.3 Vulnerability Analysis Review
Module 6: System Hacking
  • 6.1 System Hacking Concepts
  • 6.2 Common OS Exploits
  • 6.3 Buffer Overflows
  • 6.3.1 Activity – Performing a Buffer Overflow
  • 6.4 System Hacking Tools and Frameworks
  • 6.4.1 Activity – Hack a Linux Target from Start to Finish
  • 6.5 Metasploit
  • 6.5.1 Activity – Get Started with Metasploit
  • 6.6 Meterpreter
  • 6.7 Keylogging and Spyware
  • 6.7.1 Activity – Keylogging with Meterpreter
  • 6.8 Netcat
  • 6.8.1 Activity – Using Netcat
  • 6.9 Hacking Windows
  • 6.9.1 Activity – Hacking Windows with Eternal Blue
  • 6.10 Hacking Linux
  • 6.11 Password Attacks
  • 6.11.1 Activity – Pass the Hash
  • 6.11.2 Activity – Password Spraying
  • 6.12 Password Cracking Tools
  • 6.13 Windows Password Cracking
  • 6.13.1 Activity – Cracking Windows Passwords
  • 6.13.2 Activity – Cracking Password Hashes with Hashcat
  • 6.14 Linux Password Cracking
  • 6.15 Other Methods for Obtaining Passwords
  • 6.16 Network Service Attacks
  • 6.16.1 Activity – Brute Forcing a Network Service with Medusa
  • 6.17 Post Exploitation
  • 6.18 Pivoting
  • 6.18.1 & 6.18.2 Activity – Pivoting Setup and Attack
  • 6.19 Maintaining Access
  • 6.19.1 Activity – Persistence
  • 6.20 Hiding Data
  • 6.20.1 Activity – Hiding Data Using Least Significant Bit Steganography
  • 6.21 Covering Tracks
  • 6.21.1 Activity – Clearing Tracks in Windows
  • 6.21.2 Activity – View and Clear Audit Policies with Auditpol
  • 6.22 System Hacking Countermeasures
  • 6.23 System Hacking Review
Module 7: Malware Threats
  • 7.1 Malware Overview
  • 7.2 Viruses
  • 7.3 Trojans
  • 7.3.1 Activity – Deploying a RAT
  • 7.4 Rootkits
  • 7.5 Other Malware
  • 7.6 Advanced Persistent Threat
  • 7.7 Malware Makers
  • 7.7.1 Activity – Creating a Malware Dropper and Handler
  • 7.8 Malware Detection
  • 7.9 Malware Analysis
  • 7.9.1 Activity – Performing a Static Code Review
  • 7.9.2 Activity – Analyzing the SolarWinds Orion Hack
  • 7.10 Malware Countermeasures
  • 7.11 Malware Threats Review
Module 8: Sniffing
  • 8.1 Network Sniffing
  • 8.2 Sniffing Tools
  • 8.2.1 Activity- Sniffing HTTP with Wireshark
  • 8.2.2 Activity – Capturing Files from SMB
  • 8.3 ARP and MAC Attacks
  • 8.3.1 Activity – Performing an MITM Attack with Ettercap
  • 8.4 Name Resolution Attacks
  • 8.4.1 Activity – Spoofing Responses with Responder
  • 8.5 Other Layer 2 Attacks
  • 8.6 Sniffing Countermeasures
  • 8.7 Sniffing Review
Module 9: Social Engineering
  • 9.1 Social Engineering Concepts
  • 9.2 Social Engineering Techniques
  • 9.2.1 Activity – Deploying a Baited USB Stick
  • 9.2.2 Activity – Using an O.MG Lightning Cable
  • 9.3 Social Engineering Tools
  • 9.3.1 Activity – Phishing for Credentials
  • 9.4 Social Media, Identity Theft, Insider Threats
  • 9.5 Social Engineering Countermeasures
  • 9.6 Social Engineering Review
Module 10: Denial-of-Service
  • 10.1 DoS-DDoS Concepts
  • 10.2 Volumetric Attacks
  • 10.3 Fragmentation Attacks
  • 10.4 State Exhaustion Attacks
  • 10.5 Application Layer Attacks
  • 10.5.1 Activity – Performing a LOIC Attack
  • 10.5.2 Activity – Performing a HOIC Attack
  • 10.5.3 Activity – Conducting a Slowloris Attack
  • 10.6 Other Attacks
  • 10.7 DoS Tools
  • 10.8 DoS Countermeasures
  • 10.9 DoS Review
Module 11: Session Hijacking
  • 11.1 Session Hijacking
  • 11.2 Compromising a Session Token
  • 11.3 XSS
  • 11.4 CSRF
  • 11.5 Other Web Hijacking Attacks
  • 11.6 Network-Level Session Hijacking
  • 11.6.1 Activity – Hijack a Telnet Session
  • 11.7 Session Hijacking Tools
  • 11.8 Session Hijacking Countermeasures
  • 11.9 Session Hijacking Review
Module 12: Evading IDS, Firewalls, and Honeypots
  • 12.1 Types of IDS
  • 12.2 Snort
  • 12.3 System Logs
  • 12.4 IDS Considerations
  • 12.5 IDS Evasion
  • 12.5.1 Activity – Fly Below IDS Radar
  • 12.6 Firewalls
  • 12.7 Packet Filtering Rules
  • 12.8 Firewall Deployments
  • 12.9 Split DNS
  • 12.10 Firewall Product Types
  • 12.11 Firewall Evasion
  • 12.11.1 Activity – Use Social Engineering to Bypass a Windows Firewall
  • 12.11.2 Activity – Busting the DOM for WAF Evasion
  • 12.12 Honeypots
  • 12.13 Honeypot Detection and Evasion
  • 12.13.1 Activity – Test and Analyze a Honey Pot
  • 12.14 Evading IDS, Firewalls, and Honeypots Review
Module 13: Hacking Web Servers
  • 13.1 Web Server Operations
  • 13.2 Hacking Web Servers
  • 13.3 Common Web Server Attacks
  • 13.3.1 Activity – Defacing a Website
  • 13.4 Web Server Attack Tools
  • 13.5 Hacking Web Servers Countermeasures
  • 13.6 Hacking Web Servers Review
Module 14: Hacking Web Applications
  • 14.1 Web Application Concepts
  • 14.2 Attacking Web Apps
  • 14.3 A01 Broken Access Control
  • 14.4 A02 Cryptographic Failures
  • 14.5 A03 Injection
  • 14.5.1 Activity – Command Injection
  • 14.6 A04 Insecure Design
  • 14.7 A05 Security Misconfiguration
  • 14.8 A06 Vulnerable and Outdated Components
  • 14.9 A07 Identification and Authentication Failures
  • 14.10 A08 Software and Data integrity Failures
  • 14.11 A09 Security Logging and Monitoring Failures
  • 14.12 A10 Server-Side Request Forgery
  • 14.13 XSS Attacks
  • 14.13.1 Activity – XSS Walkthrough
  • 14.13.2 Activity – Inject a Malicious iFrame with XXS
  • 14.14 CSRF
  • 14.15 Parameter Tampering
  • 14.15.1 Activity – Parameter Tampering with Burp
  • 14.16 Clickjacking
  • 14.17 SQL Injection
  • 14.18 Insecure Deserialization Attacks
  • 14.19 IDOR
  • 14.19.1 Activity – Hacking with IDOR
  • 14.20 Directory Traversal
  • 14.21 Session Management Attacks
  • 14.22 Response Splitting
  • 14.23 Overflow Attacks
  • 14.24 XXE Attacks
  • 14.25 Web App DoS
  • 14.26 Soap Attacks
  • 14.27 AJAX Attacks
  • 14.28 Web API Hacking
  • 14.29 Webhooks and Web Shells
  • 14.30 Web App Hacking Tools
  • 14.31 Hacking Web Applications Countermeasures
  • 14.32 Hacking Web Applications Review
Module 15: SQL Injection
  • 15.1 SQL Injection Overview
  • 15.2 Basic SQL Injection
  • 15.3 Finding Vulnerable Websites
  • 15.4 Error-based SQL Injection
  • 15.5 Union SQL Injection
  • 15.5.1 Activity – Testing SQLi on a Live Website – Part 1
  • 15.5.2 Activity – Testing SQLi on a Live Website – Part 2
  • 15.6 Blind SQL Injection
  • 15.7 SQL Injection Tools
  • 15.7.1 Activity – SQL Injection Using SQLmap
  • 15.8 Evading Detection
  • 15.9 Analyzing SQL Injection
  • 15.10 SQL Injection Countermeasures
  • 15.11 SQL Injection Review
Module 16: Hacking Wireless Networks
  • 16.1 Wireless Concepts
  • 16.2 Wireless Security Standards
  • 16.3 WI-FI Discovery Tools
  • 16.4 Common Wi-Fi Attacks
  • 16.5 Wi-Fi Password Cracking
  • 16.6 WEP Cracking
  • 16.6.1 Activity – Cracking WEP
  • 16.7 WPA,WPA2,WPA3 Cracking
  • 16.7.1 Activity – WPA KRACK Attack
  • 16.8 WPS Cracking
  • 16.9 Bluetooth Hacking
  • 16.10 Other Wireless Hacking
  • 16.10.1 Activity – Cloning an RFID badge
  • 16.10.2 Activity – Hacking with a Flipper Zero
  • 16.11 Wireless Security Tools
  • 16.12 Wireless Hacking Countermeasures
  • 16.13 Hacking Wireless Networks Review
Module 17: Hacking Mobile Platforms
  • 17.1 Mobile Device Overview
  • 17.2 Mobile Device Attacks
  • 17.3 Android Vulnerabilities
  • 17.4 Rooting Android
  • 17.5 Android Exploits
  • 17.5.1 Activity – Hacking Android
  • 17.5.2 Activity – Using a Mobile Device in a DDoS Campaign
  • 17.6 Android-based Hacking Tools
  • 17.7 Reverse Engineering an Android App
  • 17.8 Securing Android
  • 17.9 iOS Overview
  • 17.10 Jailbreaking iOS
  • 17.11 iOS Exploits
  • 17.12 iOS-based Hacking Tools
  • 17.13 Reverse Engineering an iOS App
  • 17.14 Securing iOS
  • 17.15 Mobile Device Management
  • 17.16 Hacking Mobile Platforms Countermeasures
  • 17.17 Hacking Mobile Platforms Review
Module 18: IoT AND OT Hacking
  • 18.1 IoT Overview
  • 18.2 IoT Infrastructure
  • 18.3 IoT Vulnerabilities and Threats
  • 18.3.1 Activity – Searching for Vulnerable IoT Devices
  • 18.4 IoT Hacking Methodology and Tools
  • 18.5 IoT Hacking Countermeasures
  • 18.6 OT Concepts
  • 18.7 IT-OT Convergence
  • 18.8 OT Components
  • 18.9 OT Vulnerabilities
  • 18.10 OT Attack Methodology and Tools
  • 18.11 OT Hacking Countermeasures
  • 18.12 IoT and OT Hacking Review
Module 19: Cloud Computing
  • 19.1 Cloud Computing Concepts
  • 19.2 Cloud Types
  • 19.3 Cloud Benefits and Considerations
  • 19.4 Cloud Risks and Vulnerabilities
  • 19.5 Cloud Threats and Countermeasures
  • 19.5.1 Activity – Hacking S3 Buckets
  • 19.6 Cloud Security Tools And Best Practices
  • 19.7 Cloud Computing Review
Module 20: Cryptography
  • 20.1 Cryptography Concepts
  • 20.2 Symmetric Encryption
  • 20.2.1 Activity – Symmetric Encryption
  • 20.3 Asymmetric Encryption
  • 20.3.1 Activity – Asymmetric Encryption
  • 20.4 Public Key Exchange
  • 20.5 PKI
  • 20.5.1 Activity – Generating and Using an Asymmetric Key Pair
  • 20.6 Digital Signatures
  • 20.7 Hashing
  • 20.7.1 Activity – Calculating Hashes
  • 20.8 Common Cryptography Use Cases
  • 20.9 Cryptography Tools
  • 20.10 Cryptography Attacks
  • 20.11 Cryptography Review
  • 20.12 Course Conclusion

CompTIA Security+ SY0-601 Course Content

Download Outline

Module 1 – Introduction to Security
  • 1.1 Introduction to Security
Module 2 – Malware and Social Engineering Attacks
  • 2.1 Malware and Social Engineering Attacks
Module 3 – Basic Cryptography
  • 3.1 Basic Cryptography
Module 4 – Advanced Cryptography and PKI
  • 4.1 Advanced Cryptography and PKI
Module 5 – Networking and Server Attacks
  • 5.1 Networking and Server Attacks
Module 6 – Network Security Devices, Designs and Technology
  • 6.1 Network Security Devices, Designs and Technology
Module 7 – Administering a Secure Network
  • 7.1 Administering a Secure Network
Module 8 – Wireless Network Security
  • 8.1 Wireless Network Security
Module 9 – Client and Application Security
  • 9.1 Client and Application Security
Module 10 – Mobile and Embedded Device Security
  • 10.1 Mobile and Embedded Device Security
Module 11 – Authentication and Account Management
  • 11.1 Authentication and Account Management
Module 12 – Access Management
  • 12.1 Access Management
Module 13 – Vulnerability Assessment and Data Security
  • 13.1 Vulnerability Assessment and Data Security
Module 14 – Business Continuity
  • 14.1 Business Continuity
Module 15 – Risk Mitigation
  • 15.1 Risk Mitigation
Module 16 – Security Plus Summary and Review
  • 16.1 – Security Plus Summary and Review
Module 17 – Hands-On Training
  • 17.1 Hands-On Scanning Part 1
  • 17.2 Hands-On Scanning Part 2
  • 17.3 Hands-On Advanced Scanning
  • 17.4 Hands-On MetaSploit
  • 17.5 Hands-On BurpSuite
  • 17.6 Hands-On Exploitation Tools Part 1
  • 17.7 Hands-On Exploitation Tools Part 2
  • 17.8 Hands-On Invisibility Tools
  • 17.9 Hands-On Connect to Tor

Certified Information Systems Security Pro (CISSP) Course Content

Download Outline

Module 1: Security and Risk Management
  • Introduction
  • CIA Triad Security Governance – Part 1
  • CIA Triad Security Governance – Part 2
  • Compliance Legal And Regulatory Issues – Part 1
  • Compliance Legal And Regulatory Issues – Part 2
  • Understanding Professional Ethics – Part 1
  • Understanding Professional Ethics – Part 2
  • Risk Management – Part 1
  • Risk Management – Part 2
  • Threat Modeling Acquisition Strategy And Practice Security Awareness And Training – Part 1
  • Threat Modeling Acquisition Strategy And Practice Security Awareness And Training – Part 2
Module 2: Asset Security
  • Asset Security – Part 1
  • Asset Security – Part 2
Module 3: Security Engineering
  • Engineering And Management Of Security – Part 1
  • Engineering And Management Of Security – Part 2
  • Engineering And Management Of Security – Part 3
  • Engineering And Management Of Security – Part 4
  • Engineering And Management Of Security – Part 5
  • Engineering And Management Of Security – Part 6
Module 4: Communication and Network Security
  • Apply Secure Design Principles To Networks – Part 1
  • Apply Secure Design Principles To Networks – Part 2
  • Apply Secure Design Principles To Networks – Part 3
  • Apply Secure Design Principles To Networks – Part 4
  • Apply Secure Design Principles To Networks – Part 5
  • Apply Secure Design Principles To Networks – Part 6
  • Securing Network Components – Part 1
  • Securing Network Components – Part 2
  • Design And Establish Secure Communication Channels – Part 1
  • Design And Establish Secure Communication Channels – Part 2
  • Design And Establish Secure Communication Channels – Part 3
Module 5: Identity and Access Management
  • Controlling Access And Managing Identity – Part 1
  • Controlling Access And Managing Identity – Part 2
  • Controlling Access And Managing Identity – Part 3
  • Controlling Access And Managing Identity – Part 4
Module 6: Security Assessment Testing
  • Designing Performing And Analyzing Security Testing
Module 7: Security Operations
  • Foundational Concepts And Investigations – Part 1
  • Foundational Concepts And Investigations – Part 2
  • Incident Management And Preventative Measures – Part 1
  • Incident Management And Preventative Measures – Part 2
  • Disaster Recovery Process – Part 1
  • Disaster Recovery Process – Part 2
Module 8: Software Development Security
  • Understanding Applying And Enforcing Software Security – Part 1
  • Understanding Applying And Enforcing Software Security – Part 2
  • Conclusion

Certified Information Security Manager (CISM) Course Content

Download Outline

Module 1: Introduction
  • Instructor Introduction
  • Course Introduction
  • Exam Overview
Module 2: Information Security Governance
  • Module Overview
  • InfoSec Strategic Context Part 1
  • InfoSec Strategic Context Part 2
  • GRC Strategy and Assurance
  • Roles and Responsibilities
  • GMA Tasks Knowledge and Metrics
  • IS Strategy Overview
  • Strategy Implemenation
  • Strategy Development Support
  • Architecture and Controls
  • Considerations and Action Plan
  • InfoSec Prog Objectives and Wrap-Up
Module 3: Information Security Risk Management
  • Module Overview
  • Risk Identification Task and Knowledge
  • Risk Management Strategy
  • Additional Considerations
  • Risk Analysis and Treatment Tasks & Knowledge
  • Leveraging Frameworks
  • Assessment Tools and Analysis
  • Risk Scenario Development
  • Additional Risk Factors
  • Asset Classification and Risk Management
  • Risk Monitoring and Communication
  • Information Risk Management Summary
Module 4: InfoSec Prog Development and Management
  • Module Overview
  • Alignment and Resource Management – Task and Knowledge
  • Key Relationships
  • Standards Awareness and Training – Tasks and Knowledge
  • Awareness and Training
  • Building Security into Process and Practices – Tasks and Knowledge
  • Additional Technology Infrastructure Concerns
  • Security monitoring and reporting Overview Tasks and Knowledge
  • Metrics and Monitoring
  • Summary
Module 5: Information Security Incident Management
  • Module Overview
  • Planning and Integration Overview Task and Knowledge
  • Incident Response Concepts and Process
  • Forensics and Recovery
  • Readiness and Assessment – Overview Tasks and Knowledge
  • Identification and Response Overview Tasks and Knowledge
  • Incident Processes
Module 6: Exam Prep
  • Case Study – Security On a Shoestring Budget
  • Case Study – APT In Action
  • Summary
  • Exam Prep

CompTIA CySA+ (Cybersecurity Analyst+) CS0-002 Course Content

Download Outline

Module 1: Threat and Vulnerability Management
  • Instructor Intro
  • About the Exam
  • Test Taking Tips and Techniques
  • Explain the importance of threat data and intelligence
  • Given a scenario, utilize threat intelligence to support organizational security
  • Given a scenario, perform vulnerability management activities Pt 1
  • Given a scenario, perform vulnerability management activities Pt 2
  • Given a scenario, analyze the output from common vulnerability assessment tools
  • Explain the threats and vulnerabilities associated with specialized technology
  • Explain the threats and vulnerabilities associated with operating in the Cloud
  • Given a scenario, implement controls to mitigate attacks and software vulnerabilities Pt 1
  • Given a scenario, implement controls to mitigate attacks and software vulnerabilities Pt 2
Module 2: Software and Systems Security
  • Outline
  • Given a scenario, apply security solutions for infrastructure management Pt 1
  • Given a scenario, apply security solutions for infrastructure management Pt 2
  • Flashcards
  • Given a scenario, apply security solutions for infrastructure management Pt 3
  • Explain software assurance best practices
  • Scatter
  • Explain hardware assurance best practices
  • Learn
  • Speller
  • Workbook
Module 3: Security Operations and Monitoring
  • Given a scenario, analyze data as part of security monitoring activities Pt 1
  • Given a scenario, analyze data as part of security monitoring activities Pt 2
  • Given a scenario, analyze data as part of security monitoring activities Pt 3
  • Given a scenario, implement configuration changes to existing controls to improve security Pt 1
  • Given a scenario, implement configuration changes to existing controls to improve security Pt 2
  • Explain the importance of proactive threat hunting
  • Compare and contrast automation concepts and technologies
Module 4: Incident Response
  • Explain the importance of the incident response process
  • Given a scenario, apply the appropriate the incident response procedure
  • Given an incident, analyze potential indicators of compromise
  • Given a scenario, utilize basic digital forensic techniques
Module 5: Compliance and Assessment
  • Understand the importance of data privacy and protection
  • Given a scenario, apply security concepts in support of organizational risk mitigation Pt 1
  • Given a scenario, apply security concepts in support of organizational risk mitigation Pt 2
  • Explain the importance of frameworks, policies, procedures, and controls Pt 1
  • Explain the importance of frameworks, policies, procedures, and controls Pt 2
Module 6: Afterword
  • Recap
  • Review Questions
  • Before the Exam

CompTIA PenTest+ (PT0-001) Course Content

Download Outline

Module 1 – The Pen Test Engagement
  • Module 1 Notes
  • 1.0 PenTest Plus Introduction
  • 1.1 PenTest Plus Topics
  • 1.2 PenTest Engagement
  • 1.3 Threat Modeling
  • 1.4 Technical Constraints
  • 1.5 PenTest Engagement Review
  • 1.6 Examining PenTest Engagement Documents Act
Module 2 – Passive Reconnaissance
  • Module 2 Notes
  • 2.1 Passive Reconnaissance part1
  • 2.2 WHOIS Act
  • 2.3 Passive Reconnaissance part2
  • 2.4 Google Hacking Act
  • 2.5 Passive Reconnaissance part3
  • 2.6 DNS Querying Act
  • 2.7 Passive Reconnaissance part4
  • 2.8 Email Server Querying Act
  • 2.9 SSL-TLS Cerfificates
  • 2.10 Shodan Act
  • 2.11 The Havester
  • 2.12 TheHarvester Act
  • 2.13 Recon-ng
  • 2.14 Recon-g Act
  • 2.14 Recon-ng-Part-2-API-key Act
  • 2.15 Maltego
  • 2.16 Have I been Pwned
  • 2.17 Punked and Owned Pwned Act
  • 2.18 Fingerprinting Organization with Collected Archives
  • 2.19 FOCA Act
  • 2.20 Findings Analysis Weaponization
  • 2.21 Chp 2 Review
Module 3 – Active Reconnaissance
  • Module 3 Notes
  • 3.1 Active Reconnaissannce
  • 3.2 Discovery Scans Act
  • 3.3 Nmap
  • 3.4 Nmap Scans Types Act
  • 3.5 Nmap Options
  • 3.6 Nmap Options Act
  • 3.7 Stealth Scans
  • 3.8 Nmap Stealth Scans Act
  • 3.9 Full Scans
  • 3.10 Full Scans Act
  • 3.11 Packet Crafting
  • 3.12 Packet Crafting Act
  • 3.13 Network Mapping
  • 3.14 Metasploit
  • 3.15 Scanning with Metasploit Act
  • 3.16 Enumeration
  • 3.17 Banner Grabbing Act
  • 3.18 Windows Host Enumeration
  • 3.19 Winddows Host Enumeration Act
  • 3.20 Linux Host Enumeration
  • 3.21 Linux Host Enumeration Act
  • 3.22 Service Enumeration
  • 3.23 Service Enumeration Act
  • 3.24 Network Shares
  • 3.25 SMB Share Enumeration Act
  • 3.26 NFS Network Share Enumeration
  • 3.27 NFS Share Enumeration Act
  • 3.28 Null Sessions
  • 3.29 Null Sessions Act
  • 3.30 Website Enumeration
  • 3.31 Website Enumeration Act
  • 3.32 Vulnerability Scans
  • 3.33 Compliance Scans Act
  • 3.34 Credentialed Non-credentialed Scans
  • 3.35 Using Credentials in Scans Act
  • 3.36 Server Service Vulnerability Scan
  • 3.37 Vulnerability Scanning Act
  • 3.38 Web Server Database Vulnerability Scan
  • 3.39 SQL Vulnerability Scanning Act
  • 3.40 Vulnerability Scan Part 2 OpenVAS Act
  • 3.41 Web App Vulnerability Scan
  • 3.42 Web App Vulnerability Scanning Act
  • 3.43 Network Device Vulnerability Scan
  • 3.44 Network Device Vuln Scanning Act
  • 3.45 Nmap Scripts
  • 3.46 Using Nmap Scripts for Vuln Scanning Act
  • 3.47 Packet Crafting for Vulnerbility Scans
  • 3.48 Firewall Vulnerability Scans
  • 3.49 Wireless Access Point Vunerability
  • 3.50 Wireless AP Scans Act
  • 3.51 WAP Vulnerability Scans
  • 3.52 Container Security issues
  • 3.53 How to Update Metasploit Pro Expired Trial License
Module 4 – Physical Security
  • Module 4 Notes
  • 4.1 Physical Security
  • 4.2 Badge Cloning Act
  • 4.3 Physical Security Review
Module 5 – Social Engineering
  • Module 5 Notes
  • 5.1 Social Engineering
  • 5.2 Using Baited USB Stick Act
  • 5.3 Using Social Enginnering to Assist Attacks
  • 5.4 Phishing Act
  • 5.5 Social Engineering Review
Module 6 – Vulnerability Scan Analysis
  • Module 6 Notes
  • 6.1 Vulnerbility Scan Analysis
  • 6.2 Validating Vulnerability Scan Results Act
  • 6.3 Vulnerbility Scan Analysis Review
Module 7 – Password Cracking
  • Module 7 Notes
  • 7.1 Password Cracking
  • 7.2 Brute Force Attack Against Network Service Act
  • 7.3 Network Authentication Interception Attack
  • 7.4 Intercepting Network Authentication Act
  • 7.5 Pass the Hash Attacks
  • 7.6 Pass the Hash Act
  • 7.7 Password Cracking Review
Module 8 – Penetrating Wired Networks
  • Module 8 Notes
  • 8.1 Penetrating Wired Network
  • 8.2 Sniffing Act
  • 8.3 Eavesdropping
  • 8.4 Eavesdropping Act
  • 8.5 ARP Poisoning
  • 8.6 ARP Poisoning Act
  • 8.7 Man In The Middle
  • 8.8 MITM Act
  • 8.9 TCP Session HiJacking
  • 8.10 Server Message Blocks SMB Exploits
  • 8.11 SMB Attack Act
  • 8.12 Web Server Attacks
  • 8.13 FTP Attacks
  • 8.14 Telnet Server Attacks
  • 8.15 SSH Server Attacks
  • 8.16 Simple Network Mgmt Protocol SNMP
  • 8.17 Simple Mail Transfer Protocol SMTP
  • 8.18 Domain Name System DNS Cache Poisoning
  • 8.19 Denail of Service Attack DoS-DDoS
  • 8.20 DoS Attack Act
  • 8.21 VLAN Hopping Review
Module 9 – Penetrating Wireless Networks
  • Module 9 Notes
  • 9.1 Penetrating Wireless Networks
  • 9.2 Jamming Act
  • 9.3 Wireless Sniffing
  • 9.4 Replay Attacks
  • 9.5 WEP Cracking Act
  • 9.6 WPA-WPA2 Cracking
  • 9.7 WAP Cracking Act
  • 9.8 Evil Twin Attacks
  • 9.9 Evil Twin Attack Act
  • 9.10 WiFi Protected Setup
  • 9.11 Bluetooth Attacks
  • 9.12 Penetrating Wireless Networks
Module 10 – Windows Exploits
  • Module 10 Notes
  • 10.1 Windows Exploits
  • 10.2 Dumping Stored Passwords Act
  • 10.3 Dictionary Attacks
  • 10.4 Dictionary Attack Against Windows Act
  • 10.5 Rainbow Table Attacks
  • 10.6 Credential Brute Force Attacks
  • 10.7 Keylogging Attack Act
  • 10.8 Windows Kernel
  • 10.9 Kernel Attack Act
  • 10.10 Windows Components
  • 10.11 Memory Vulnerabilities
  • 10.12 Buffer Overflow Attack Act
  • 10.13 Privilegde Escalation in Windows
  • 10.14 Windows Accounts
  • 10.15 Net and WMIC Commands
  • 10.16 Sandboxes
Module 11 – Linux Exploits
  • Module 11 Notes
  • 11.1 Linux Exploits
  • 11.2 Exploiting Common Linux Features Act
  • 11.3 Password Cracking in Linux
  • 11.4 Cracking Linux Passwords Act
  • 11.5 Vulnerability Linux
  • 11.6 Priviledge Escalation Linux
  • 11.7 Linux Accounts
  • 11.8 Linux Exploits Review
Module 12 – Mobile Devices
  • Module 12 Notes
  • 12.1 Mobile Devices
  • 12.2 Hacking Android Act
  • 12.3 Apple Exploits
  • 12.4 Moblie Devices Review
Module 13 – Specialized Systems
  • Module 13 Notes
  • 13.1 Specialized Systems
  • 13.2 Specialized Systems Review
Module 14 – Scripts
  • Module 14 Notes
  • 14.1 Scripts
  • 14.2 Powershell
  • 14.3 Python
  • 14.4 Ruby
  • 14.5 Common Scripting Elements
  • 14.6 Scripts Review
  • 14.7 Better Ping Sweep
  • 14.8 Simple Port Scanner2
  • 14.9 Multitarget Port Scanner
  • 14.10 Port Scanner with Nmap
  • 14.11 Scripts Review
Module 15 – Application Testing
  • Module 15 Notes
  • 15.1 Application Testing
  • 15.2 Reverse Engineering
Module 16 – Web App Exploits
  • Module 16 Notes
  • 16.1 Webb App Exploits
  • 16.2 Injection Attacks
  • 16.3 HTML Injection
  • 16.4 SQL Hacking – SQLmap Act
  • 16.5 Cross-Site Attacks
  • 16.6 Cross-Site Request Forgery
  • 16.7 Other Web-based Attacks
  • 16.8 File Inclusion Attacks
  • 16.9 Web Shells
  • 16.10 Web Shells Review
Module 17 – Lateral Movement
  • Module 17 Notes
  • 17.1 Lateral Movement
  • 17.2 Lateral Movement with Remote Mgmt Services
  • 17.3 Process Migration Act
  • 17.4 Passing Control Act
  • 17.5 Pivoting
  • 17.6 Tools the Enable Pivoting
  • 17.7 Lateral Movement Review
Module 18 – Persistence
  • Module 18 Notes
  • 18.1 Persistence
  • 18.2 Breeding RATS Act
  • 18.3 Bind and Reverse Shells
  • 18.4 Bind Shells Act
  • 18.5 Reverse Shells
  • 18.6 Reverse Shells Act
  • 18.7 Netcat
  • 18.8 Netcat Act
  • 18.9 Scheduled Tasks
  • 18.10 Scheduled Tasks Act
  • 18.11 Services and Domains
  • 18.12 Persistence Review
Module 19 – Cover Your Tracks
  • Module 19 Notes
  • 19.1 Cover Your Tracks
  • 19.2 Cover Your Tracks – Timestomp Files Act
  • 19.3 Cover Your Tracks – Frame the Administrator Act
  • 19.4 Cover Your Tracks – Clear the Event Log Act
  • 19.5 Cover Your Tracks Review
Module 20 – The Report
  • Module 20 Notes
  • 20.1 The Report
  • 20.2 The Report Review
Module 21 – Post Engagement Cleanup
  • Module 21 Notes
  • 21.1 Post Engagement Cleanup_1
  • 21.3 Post Engagement Cleanup Review
  • 21.4 PenTest Plus Conclusion.mp4

CompTIA Advanced Security Practitioner (CASP) CAS-003 Course Content

Download Outline

Module 1 – Risk Management
  • Module 1 Notes
  • Intro CASP
  • CASP Introduction
  • Mod 1.1 Exploring Cloud Services Act
  • Mod 1.1 Acquisition Merger Demerger
  • Mod 1.1 Acquisition Merger Demerger Part2
  • Mod 1.2 Compare and Contrast
  • Mod 1.3 Given Scenario Execute Risk
  • Mod 1.3 Given Scenario Execute Risk Part2
  • Mod 1.3 Continuing Terminology IT Governance
  • Mod 1.4 Analyze Security Solution Metrics and Attributes
  • Mod 1.4 Analyze Risk
  • Mod 1.4 Trend Analysis Act
Module 2 – Enterprise Security Architecture
  • Module 2 Notes
  • Mod 2 Enterprise Security Architecture
  • Mod 2.1 Network Device Security Act
  • Mod 2.1 Application and Protocol
  • Mod 2.1 Advanced Network Security Act
  • Mod 2.1 Complex Network Security Solution
  • Mod 2.1 Implementing VLANs Switchport Sec Act
  • Mod 2.1 Implementing VLANs Switchport Sec Act Part2
  • Mod 2.1 Distributed Denial of Service
  • Mod 2.1 Exploring DoS Attacks Act
  • Mod 2.1 Security Zones
  • Mod 2.1 Network Access Control
  • Mod 2.1 Searching for Vulnerablie ICS-SCADA Act
  • Mod 2.2 Analyze a Scenario Integrate Security
  • Mod 2.2 Configuring Windows Firewall Act
  • Mod 2.2 Log Monitoring and Auditing
  • Mod 2.2 Group Policy Act
  • Mod 2.2 Patch Management
  • Mod 2.2 Management Interface
  • Mod 2.2 Measured Launch
  • Mod 2.3 Analyze a Scenario to Integrate Security Controls
  • Mod 2.3 Security Implications Privacy
  • Mod 2.3 Baseband
  • Mod 2.4 Given Software Vulnerabilty Scenarios
  • Mod 2.4 SQL Injection Act
  • Mod 2.4 Improper Error and Exception Handling
  • Mod 2.4 Buffer Overflows Act
  • Mod 2.4 Memory Leaks
  • Mod 2.4 Researching Vulnerabilities Exploits Act
Module 3 – Enterprise Security Operations
  • Module 3 Notes
  • Mod 3 Enterprise Security Operations
  • Mod 3 Runtime Debugging
  • Mod 3.1 Fingerprinting an OS Services Act
  • Mod 3.1 Code Review
  • Mod 3.1 Conducting OSINT Act
  • Mod 3.1 Types
  • Mod 3.1 Conducting a Vulnerability Assessment Act
  • Mod 3.2 Analyze a Scenario Output
  • Mod 3.2 Network Sniffing Act
  • Mod 3.2 Security Content Automation
  • Mod 3.2 Using a SCAP Scanner Act
  • Mod 3.2 Network Enumerator
  • Mod 3.2 Password Cracking Act
  • Mod 3.2 Host Vulnerability Scanner
  • Mod 3.2 Using Command Line Tools Act
  • Mod 3.2 OpenSSL
  • Mod 3.2 Scanning for Heartbleed Act
  • Mod 3.2 Local Exploitation Tools
  • Mod 3.2 Verifying File Integrity with SFC Act
  • Mod 3.2 Log Analysis Tools
  • Mod 3.3 Given Scenario Implement Incident
  • Mod 3.3 Facilitate Incident Detection Response
  • Mod 3.3 Using Incident Response Support Tools Act
  • Mod 3.3 Severity of Incident Detection Breach
Module 4 – Technical Integration of Enterprise Security
  • Module 4 Notes
  • Mod 4 Technical Integration of Enterprise
  • Mod 4 Technical Integration of Enterprise Part2
  • Mod 4.1 DataSecurity Considerations
  • Mod 4.1 Examing Network Diagrams Act
  • Mod 4.1 Security and Privacy Considerations of Storage integration
  • Mod 4.1 Exploring Directory Services and DNS Act
  • Mod 4.2 Given Scenario Integrate Cloud and Virtualization
  • Mod 4.2 Taking Another Look at Cloud Services Act
  • Mod 4.2 Security Advantages and Disadvanatges of Virtualization
  • Mod 4.2 Using Virtualization Act
  • Mod 4.2 Cloud Augmented Security
  • Mod 4.3 Given Scenario Integrate and Troubleshoot Advanced Authentication
  • Mod 4.4 Given Scenario Cryptographic
  • Mod 4.4 Cryptographic Part2
  • Mod 4.4 Mobile Device Encryption
  • Mod 4.4 Cryptography Act
  • Mod 4.5 Select the Appropriate Control
  • Mod 4.5 Phising Act
  • Mod 4.5 Telephony VoIP Integration
Module 5 – Research, Development and Collaboration
  • Module 5 Notes
  • Mod 5 Research Methods to Determine Industry Trends
  • Mod 5.1 Practicing Threat Intelligence Act
  • Mod 5.2 Scenario Implememt Security Activities Across
  • Mod 5.2 Static Testing
  • Mod 5.3 Explain the Importance of Interaction
  • CASP Conclusion

Cyber Security Awareness and Prevention Course Content

Download Outline

Module 1: Cyber Security Awareness and Prevention
  • Course Introduction
  • Where We Are Today
  • Areas Of Protection
  • The Connection – Part 1
  • The Connection – Part 2
  • Network Protection
  • Browsing Blunders – Part 1
  • Browsing Blunders – Part 2
  • Settings – Part 1
  • Settings – Part 2
  • Settings – Part 3
  • Settings – Part 4
  • Cookies
  • Browsing Tips And Tricks
  • Email Can't Hurt You Right – Part 1
  • Email Can't Hurt You Right – Part 2
  • Viruses – Part 1
  • Viruses – Part 2
  • Viruses – Part 3
Module 2: Managing Mobile Device Security
  • Managing Mobile Device Security-Part1
  • Managing Mobile Device Security-Part2
  • Secure Access
  • Secure Access iPhone Demo
  • Secure Access Android Demo
  • Protect The Digital
  • Protect The Digital Android Demo
  • Protect The Digital iPhone Demo
  • Manage App Access
  • Manage App Access iPhone Demo
  • Manage App Access Android Demo
  • Stay Up To Date
  • Stay Up To Date Android Demo
  • Stay Up To Date iPhone Demo
  • Use Other Tools To Help
  • Prepare For The Worst
  • Prepare For The Worst-Android Demo
  • Prepare For The Worst-iPhone Demo
  • Best Practices
  • Course Conclusion

Data Security Compliance Course Content

Download Outline

Module 1: Data Breaches And ID Theft
  • Course Introduction
  • Treat And Cost
Module 2: Device Security Basics
  • Device Access
  • Device Management
Module 3: Avoiding Inadvertent Disclosure
  • No More Oops Part1
  • No More Oops Part2
Module 4: Physical And Technical Safeguards
  • The DO Of Security Part1
  • The DO Of Security Part2
  • Course Conclusion

Certified Information Systems Auditor (CISA) Course Content

Download Outline

Module 1 – The Audit Process
  • Introduction
  • Audit Process
  • Auditing Standards
  • Auditing Guidelines
  • Cobit Model
  • Audit Management
  • Internal Control Classifications
  • Planning
  • Program
  • Evidence
  • Audit Control Evaluation
  • CSA Control Self-Assessment
Module 2 – Audit Governance and Compliance
  • IT Governance
  • Governance & Security Policies
  • Outsourcing & Governance
  • Outsourcing & Globalization
  • Organizational Compliance
  • IT Strategy
  • IT Performance
Module 3 – System Infrastructure, Project Management, and Testing
  • System & Infrastructure
  • Requirements
  • Project Management Tools – Part 1
  • Project Management Tools – Part 2
  • Applications
  • Agile Development
  • Monitoring & Controlling
  • Acquisition Process
  • Testing Process
  • Information Systems Maintenance Practices
  • Data Conversion Tools
Module 4 – Media Disposal, Reviews, and System Maintenance
  • Media Disposal Process
  • Post Implementation Review
  • Periodic Review
  • System Maintenance
Module 5 – IT Service Level Management
  • IT Service Delivery and Support
  • How to Evalutate Service Level Management Practices
  • Operations Management
  • Databases
  • Structured Query Language (SQL)
  • Monitoring Performance
  • Source Code and Perfomance Monitoring
  • Patch Management
  • Incident Management
  • Hardware Component Types
  • Network Component Types
Module 6 – Auditor Technical Overview
  • IS Auditor Technical Overview
  • Security Design
  • Monitoring Systems
  • Types of Attacks
  • Cryptography
  • Encryption
  • Asymmetric Encryption
  • Digital Certificate
  • Different Kinds of Attacks
  • Access Controls
  • Identification and Authenication
  • Physical Access Exposure
  • Environmental Security
  • Network Security Devices and Network Components
  • Network Address Translation
  • Virtual Private Networks (VPNs)
  • Voice System Risks
  • Intrusion Detection
  • Firewalls
  • Firewall Implementation
  • Network Access Protection
  • HoneyPot
  • Risks to Portable and Wireless Devices
  • Bluetooth
  • OSI Networking
  • Managing Data
Module 7 – Business Continuity and Disaster Recovery
  • Business Continuity and Disaster Recovery
  • Fault Tolerance
  • Business Continuity and Disaster Recovery Regulations

Computer Hacking Forensic Investigator (CHFI) Course Content

Download Outline

Module 1: Computer Forensics Introduction
  • Intro To Course-Part1
  • Intro To Course-Part2
  • Intro To Course-Part3
  • Intro To Course-Part4
  • Intro To Course-Part5
  • Intro To Forensics-Part1
  • Intro To Forensics-Part2
  • Intro To Forensics-Part3
  • Intro To Forensics-Part4
  • Intro To Forensics-Part5
  • Intro To Forensics-Part6
  • Intro To Forensics-Part7
  • Intro To Forensics-Part8
Module 2: Forensics Investigation Process
  • Forensics Investigation Process-Part1
  • Forensics Investigation Process-Part2
  • Forensics Investigation Process-Part3
  • Forensics Investigation Process-Part4
  • Forensics Investigation Process-Part5
  • Forensics Investigation Process-Part6
  • Forensics Investigation Process-Part7
  • Forensics Investigation Process-Part8
  • Forensics Investigation Process-Part9
  • Forensics Investigation Process-Part10
Module 3: Searching and Seizing
  • Searching And Seizing-Part1
  • Searching And Seizing-Part2
  • Searching And Seizing-Part3
  • Searching And Seizing-Part4
  • Searching And Seizing-Part5
Module 4: Digital Evidence
  • Digital Evidence-Part1
  • Digital Evidence-Part2
  • Digital Evidence-Part3
  • Digital Evidence-Part4
  • Digital Evidence-Part5
  • Digital Evidence-Part6
  • Digital Evidence-Part7
Module 5: First Responder Procedures
  • First Responder Procedures-Part1
  • First Responder Procedures-Part2
  • First Responder Procedures-Part3
  • First Responder Procedures-Part4
  • First Responder Procedures-Part5
  • First Responder Procedures-Part6
  • First Responder Procedures-Part7
  • First Responder Procedures-Part8
Module 6: Forensics Lab
  • Forensic Lab-Part1
  • Forensic Lab-Part2
  • Forensic Lab-Part3
  • Forensic Lab-Part4
  • Forensic Lab-Part5
Module 7: Hard Disks and File Systems
  • Hard Disks And File Systems-Part1
  • Hard Disks And File Systems-Part2
  • Hard Disks And File Systems-Part3
  • Hard Disks And File Systems-Part4
  • Hard Disks And File Systems-Part5
  • Hard Disks And File Systems-Part6
  • Hard Disks And File Systems-Part7
  • Hard Disks And File Systems-Part8
  • Hard Disks And File Systems-Part9
  • Hard Disks And File Systems-Part10
Module 8: Windows Forensics
  • Windows Forensics-Part1
  • Windows Forensics-Part2
  • Windows Forensics-Part3
  • Windows Forensics-Part4
  • Windows Forensics-Part5
  • Windows Forensics-Part6
  • Windows Forensics-Part7
  • Windows Forensics-Part8
  • Windows Forensics-Part9
  • Windows Forensics-Part10
Module 9: Data Acquisition and Duplication
  • Data Acquisition And Duplication-Part1
  • Data Acquisition And Duplication-Part2
  • Data Acquisition And Duplication-Part3
  • Data Acquisition And Duplication-Part4
  • Data Acquisition And Duplication-Part5
  • Data Acquisition And Duplication-Part6
  • Data Acquisition And Duplication-Part7
Module 10: Recovering Deleted Files and Partitions
  • Recovering Deleted Files And Partitions-Part1
  • Recovering Deleted Files And Partitions-Part2
Module 11: Using Access Data FTK
  • Using Access Data FTK And Special Steps-Part1
  • Using Access Data FTK And Special Steps-Part2
  • Using Access Data FTK And Special Steps-Part3
  • Using Access Data FTK And Special Steps-Part4
  • Using Access Data FTK And Special Steps-Part5
  • Using Access Data FTK And Special Steps-Part6
  • Using Access Data FTK And Special Steps-Part7
  • Using Access Data FTK And Special Steps-Part8
Module 12: Using EnCase
  • EnCase-Part1
  • EnCase-Part2
  • EnCase-Part3
Module 13: Steganography
  • Stenography-Part1
  • Stenography-Part2
  • Stenography-Part3
  • Stenography-Part4
Module 14: Password Crackers
  • Passwords-Part1
  • Passwords-Part2
  • Passwords-Part3
  • Passwords-Part4
Module 15: Log Correlation
  • Log Correlation-Part1
  • Log Correlation-Part2
  • Log Correlation-Part3
  • Log Correlation-Part4
  • Log Correlation-Part5
  • Log Correlation-Part6
Module 16: Network Forensics
  • Network Forensics-Part1
  • Network Forensics-Part2
  • Network Forensics-Part3
  • Network Forensics-Part4
Module 17: Wireless Attacks
  • Wireless Attacks-Part1
  • Wireless Attacks-Part2
  • Wireless Attacks-Part3
Module 18: Web Attacks
  • Web Attacks-Part1
  • Web Attacks-Part2
  • Web Attacks-Part3
  • Web Attacks-Part4
  • Web Attacks-Part5
  • Web Attacks-Part6
  • Web Attacks-Part7
  • Web Attacks-Part8
Module 19: Email Crimes
  • Email Crimes-Part1
  • Email Crimes-Part2
  • Email Crimes-Part3
  • Email Crimes-Part4
Module 20: Mobile Investigation
  • Mobile Investigation-Part1
  • Mobile Investigation-Part2
  • Mobile Investigation-Part3
  • Mobile Investigation-Part4
  • Mobile Investigation-Part5
Module 21: Investigative Reports
  • Investigation Reports-Part1
  • Investigation Reports-Part2
  • Investigation Reports-Part3
  • Investigation Reports-Part4
Module 22: Expert Witness
  • Expert Witness-Part1
  • Expert Witness-Part2
  • Expert Witness-Part3

[ FAQ ]

Frequently Asked Questions.

What is the Certified Ethical Hacker (CEH) V12 certification, and why is it important?

The Certified Ethical Hacker (CEH) V12 is a globally recognized certification that validates an individual’s skills in assessing the security posture of systems using authorized hacking techniques. It demonstrates proficiency in identifying vulnerabilities before malicious hackers can exploit them.

This certification is crucial for IT security professionals because it equips them with practical skills to simulate cyber-attacks, assess defenses, and recommend remedial actions. Organizations value CEH-certified professionals for their ability to think like attackers and improve their cybersecurity defenses proactively.

What are the key topics covered in the CEH V12 training course?

The CEH V12 course covers a broad range of topics, including reconnaissance, footprinting, scanning networks, enumeration, vulnerability analysis, system hacking, and post-exploitation techniques. It also explores malware, social engineering, wireless attacks, and evading detection methods.

The training emphasizes hands-on practical exercises using real-world scenarios, enabling learners to understand attack methodologies and defensive strategies. This comprehensive approach ensures participants are prepared for the CEH exam and real cybersecurity challenges.

How does the CEH V12 course help in advancing my cybersecurity career?

Completing the CEH V12 course provides you with a recognized credential that demonstrates your ability to identify and mitigate security vulnerabilities ethically. This accreditation can open doors to roles such as penetration tester, security analyst, or cybersecurity consultant.

Additionally, the skills gained from the course are highly valued in the industry, often leading to higher salaries and better job prospects. It also prepares you for further certifications and specialized fields within cybersecurity, strengthening your professional profile.

Can beginners with no prior cybersecurity experience enroll in the CEH V12 training?

Yes, beginners can enroll in the CEH V12 training, but having some foundational knowledge of networking, operating systems, and basic security concepts is recommended. The course is designed to accommodate learners with varying experience levels.

It’s beneficial to have a basic understanding of network protocols, system administration, and scripting. Many training providers offer preparatory materials or introductory courses to help newcomers build the necessary background before diving into the CEH curriculum.

What are common misconceptions about the CEH certification and ethical hacking?

One common misconception is that ethical hacking involves illegal activities or hacking for personal gain. In reality, it is a legal, authorized practice aimed at strengthening security defenses and preventing malicious attacks.

Another misconception is that CEH certification guarantees complete security for an organization. While it equips professionals with valuable skills, cybersecurity is an ongoing process that requires continuous learning, updating defenses, and proactive management.

Ready to start learning? Individual Plans →Team Plans →