Ready to start learning?

[ Course ]

Cybersecurity Master Certification Training Bundle

Discover essential cybersecurity skills by learning ethical hacking techniques to evade defenses and develop advanced threat detection and prevention strategies.

308 Hrs 22 Min1,567 Videos1,803 QuestionsCertificate of CompletionClosed Captions

ethical hacking: evading ids, firewalls, and honeypots [author] videos is one of those subjects that separates someone who merely understands security tools from someone who can think like an attacker and defend like a professional. If you have ever watched an alert fire from an IDS, seen a firewall drop your test traffic, or realized a honeypot was baiting your scan, you already know the real lesson: the defensive perimeter is not just a wall, it is a set of obstacles designed to expose bad assumptions. In this course, I walk you through how those obstacles behave, why they work, and how a skilled tester plans around them during authorized security assessments.

This is not a course about reckless “hacking.” It is a practical, professional training bundle built for people who want to understand the mechanics of security controls well enough to test them, evaluate them, and report on them accurately. You will move through the same kinds of tactics used in legitimate penetration testing and red-team style validation: reconnaissance, traffic shaping, session analysis, evasion concepts, and interpretation of defensive signals. If you are preparing for a cybersecurity role, or you already work in IT and need to sharpen your defensive mindset, this training gives you the vocabulary and the technical reasoning you need to do the job properly.

What this cybersecurity certification training bundle is really built to do

This bundle is designed to give you broad, job-ready security knowledge without treating cybersecurity like a pile of disconnected acronyms. The point is not simply to “cover topics.” The point is to teach you how security domains connect in real environments. A cloud control can be undermined by weak identity policy. A network defense can be bypassed by poor segmentation. A database can be compromised because application owners ignored least privilege. That is why this bundle is valuable: you learn to see the chain, not just the link.

Because the training spans multiple security disciplines, it helps you build the kind of perspective employers expect from senior practitioners. You will encounter the strategic side of governance and risk, the tactical side of network and host security, and the operational side of assessment and response. That combination matters if you are moving toward roles such as security analyst, security engineer, GRC specialist, risk manager, security architect, or penetration tester. It also matters if you are already in infrastructure, systems, networking, or project management and need to speak security fluently.

Here is what I want you to notice about this bundle: it does not only prepare you for memorization-driven certification study. It helps you understand why controls exist, how attackers try to get around them, and how defenders measure whether those controls are actually effective. That is the kind of understanding that gets you promoted, trusted, and pulled into the important meetings.

ethical hacking: evading ids, firewalls, and honeypots [author] videos and the attacker mindset

Let’s talk about the core concept behind ethical hacking: evading ids, firewalls, and honeypots [author] videos. In real assessments, your job is not to “break everything.” Your job is to identify whether a defensive stack can detect, block, or mislead a skilled adversary. IDS engines look for signatures and anomalies. Firewalls enforce policy. Honeypots are designed to attract attention and expose activity. A competent security tester understands the purpose of each control and then evaluates the ways that control can be pressured, misconfigured, or deceived.

That means you will need more than tool familiarity. You need to understand how packet timing, payload structure, protocol behavior, and traffic patterns affect detection. You need to know why some scans are loud and others are subtle. You need to understand what defenders see in logs, not just what you see from your console. That distinction is crucial. Many people can run a tool; far fewer can explain what the blue team would observe at each step.

This is also where the professional side of ethical hacking shows up. If you are doing authorized testing, you must operate with discipline. You document scope, choose methods that match the objective, and avoid unnecessary disruption. If a honeypot is detected, that is useful intelligence. If a firewall blocks a path, that is a finding, not a failure. You are collecting evidence about the strength and weaknesses of the environment.

How IDS logic identifies suspicious traffic patterns
Why firewall rule order and segmentation can make or break a defense
How honeypots influence attacker behavior and reveal reconnaissance attempts
How to interpret defensive responses without confusing noise for real risk

Reconnaissance, footprinting, and the first mistakes attackers make

Every useful assessment starts before exploitation. That is why ethical hacking: footprinting and reconnaissance [author] videos is such an important search phrase and such an important skill area. Reconnaissance is where you learn what exists: public domains, exposed services, DNS records, email patterns, certificate data, cloud footprints, wireless signals, and metadata that organizations leak without realizing it. Footprinting is not glamorous, but it is where the smart practitioner saves time and avoids noise.

In practice, reconnaissance determines whether you understand the target environment or merely guess at it. Passive methods help you gather intelligence without touching the target directly. Active methods help you validate what you discovered and identify surface-level weaknesses. In a professional environment, this distinction matters because you want the smallest footprint necessary to answer the security question at hand. A good assessor is patient. A careless one becomes a story in the incident report.

You will also see why defenders care so much about public exposure. An organization may spend heavily on endpoint protection while leaving service banners, misconfigured records, or forgotten subdomains exposed. Attackers often begin there because it is efficient. If you learn recon properly, you stop treating “small details” as small. You start seeing how much can be inferred from simple observations.

If you can map an environment accurately before you touch it, you are already ahead of most attackers and most shallow assessments.

Session hijacking, web behavior, and why identity is a security perimeter

Another major area you will encounter is ethical hacking: session hijacking [author] videos. This topic matters because modern access often depends on session tokens, cookies, and authentication state rather than constant credential re-entry. If an attacker can steal or reuse a valid session, they may not need to crack a password at all. That is why secure session handling is not a minor web detail; it is a core identity-control issue.

In this training, you will learn the concepts behind how sessions are established, maintained, intercepted, or abused in weak environments. You will also see why network visibility, browser behavior, encryption, and endpoint security all intersect here. Session weaknesses often appear when developers, administrators, or users make assumptions about trust. For example, an unprotected channel, an overly permissive timeout policy, or poor cookie handling can give an attacker room to maneuver.

For you as a student, the practical value is simple: you begin to understand where identity controls fail in the real world. That understanding helps you test web applications more intelligently, review security configurations with more skepticism, and explain risk to nontechnical stakeholders without sounding vague. Session security is one of those areas where the difference between “works fine” and “secure enough” is often the difference between a normal day and a breach investigation.

Network security, cloud security, database security, and control design

This bundle is not just offensive in flavor; it is broad in scope because security work is broad in reality. If you are heading into a role where you must protect infrastructure, you need to understand how network, cloud, and database controls reinforce each other. That means learning how segmentation limits lateral movement, how cloud identity and access management enforces privilege, and how database permissions, auditing, and encryption reduce exposure when something goes wrong.

Network security teaches you how traffic is controlled and monitored. Cloud security teaches you how shared responsibility changes your assumptions. Database security teaches you that valuable data is often the final target, not the first. When these disciplines are studied together, you start to see patterns. Weak access design in one layer can undermine the others. Strong logging in one area may compensate for weak visibility in another. And yes, sometimes the real problem is not the advanced exploit everyone fears, but the overshared admin account nobody challenged.

This is why employers value people who can discuss controls with precision. They do not need another person who says “we need more security.” They need someone who can explain what kind of control, where it belongs, what threat it reduces, and how it will be measured.

Network segmentation and traffic filtering principles
Cloud identity, permissions, and shared responsibility
Database access control, auditing, and encryption concepts
Logging and monitoring as part of an end-to-end defense strategy

Security+™, CISSP®, CISM®, CISA®, CASP, and how the bundle supports certification goals

If your goal is certification-driven career growth, this bundle is built to support that path. The material aligns with the kinds of knowledge you need for Security+™, CISSP®, CISM®, CISA®, and CASP-style professional study, along with related security architecture and risk content. I say “supports” deliberately, because no serious certification is passed by passive viewing alone. You still need to practice recall, do scenario analysis, and learn to choose the best answer under pressure. But this training gives you the conceptual foundation that makes that study much easier.

Security certifications matter because they give hiring managers a shorthand for competence. A Security+ credential may help you break into the field or move into junior security work. CISSP can support advanced security architecture, engineering, and management roles. CISM and CISA are especially useful if your work leans toward governance, audit, or program oversight. CASP sits closer to hands-on technical leadership. The point is not to collect letters. The point is to use certification prep to deepen the way you think.

If you are already employed, certification study can also translate into salary growth. In many markets, security analysts may see ranges around $70,000 to $110,000, security engineers around $100,000 to $140,000, and experienced architects, managers, or risk leaders can go well beyond that depending on region and scope. Those numbers are not promises; they are indicators of how much organizations are willing to pay for someone who can reduce risk without slowing the business down.

Risk management and project-level security thinking

One of the smartest parts of this bundle is that it does not treat security as a purely technical discipline. Real organizations live and die by decisions, tradeoffs, and timelines. That is why the inclusion of PMI Risk Management Professional topics is not an accident. Security professionals who can talk about risk in the language of projects and business decisions are far more valuable than people who only know how to list vulnerabilities.

In practice, this means you learn to think about probability, impact, mitigation, acceptance, and transfer. You learn how security requirements fit into change management and project planning. You also learn why the best technical control in the world fails if nobody funds it, schedules it, or maintains it. A security professional who understands project management can influence outcomes earlier, when options are still open and costs are still manageable.

This matters for roles that sit between technical teams and management. If you work as a coordinator, analyst, manager, or consultant, risk language helps you translate technical issues into business decisions. That is a very different skill from reciting policy. It is the skill of being heard.

Identify the threat and the business asset at risk
Estimate impact in operational, financial, and reputational terms
Choose a control strategy that fits budget and timeline constraints
Document residual risk clearly enough for leadership to act on it

Prerequisites, who should take this training, and what kind of background helps

You do not need to arrive as an expert, but you do need curiosity and a working comfort with IT basics. If you understand networking at a foundational level, know your way around operating systems, and have some exposure to security concepts, you are in a good place to start. If you are newer, the bundle still makes sense, but you should be ready to slow down, take notes, and revisit topics as they stack on one another.

This training is especially useful for:

IT support professionals moving into security
Network administrators who need stronger defense skills
Systems administrators who want a broader risk perspective
GRC, audit, and compliance professionals who need technical context
Security analysts preparing for certification or promotion
Project managers responsible for technology risk decisions

A few topics will land better if you already know basic IP addressing, ports, services, authentication concepts, and common networking tools. If those foundations are shaky, that does not disqualify you. It just means you should treat this as a serious learning path, not background noise. Security rewards the people who understand details.

Where this training can take your career next

If you are wondering whether this kind of bundle actually moves the needle, the answer is yes — if you apply it. Employers want people who can assess risk, understand controls, communicate with technical and nontechnical teams, and stay composed when the environment gets messy. That combination opens doors to roles in security operations, governance and compliance, architecture, consulting, and testing.

More importantly, it changes how you are perceived inside your current organization. Suddenly you are not just “the person who fixes things.” You are the person who can explain why something is vulnerable, what the business consequence might be, and which control would reduce the risk most effectively. That is a very different professional profile. It is also the profile that gets invited into planning meetings before the problem becomes expensive.

And if you are pursuing the hands-on path, the course material around recon, session issues, perimeter controls, and testing discipline gives you the mindset needed for penetration testing and security validation work. The phrase ethical hacking: evading ids, firewalls, and honeypots [author] videos may sound narrow, but the thinking behind it reaches across the entire security profession: observe carefully, verify assumptions, test controls, and report what matters.

CompTIA® and Security+™ are trademarks of their respective owners. CISSP®, CISM®, CISA®, and PMI® are trademarks of their respective owners. This content is for educational purposes.

Module 1 – SY0-701 General Security Concepts

1.0 Introduction to the Course
1.1 Fundamental Security Concepts
1.2 Zero Trust
1.3 Deception and Disruption
1.3.1 ACTIVITY – Testing a Honeypot
1.4 Security Controls
1.5 Change Management and Security
1.6 Cryptography Basics
1.6.1 ACTIVITY – Examining Symmetric Encryption
1.7 Asymmetric Encryption
1.7.1 ACTIVITY – Exploring Asymmetric Encryption
1.8 Hashing
1.8.1 ACTIVITY – Verifying Integrity with Hashing
1.9 Digital Certificates
1.10 Public Key Infrastructure
1.11 Data and Keys
1.12 Crypto Implementations
1.13 Blockchain
1.14 Non-Cryptographic Data Protection

Module 2 – SY0-701 Threats, Vulnerabilities, and Mitigations

2.1 Threat Actors and Motivations
2.2 Threat Vectors
2.2.1 ACTIVITY – O.MG Cable Baiting
2.2.2 O.MG-No Cable
2.3 Social Engineering
2.4 Operating System Vulnerabilities and Attacks
2.5 Application Vulnerabilities and Attacks
2.5.1 ACTIVITY – Performing a Buffer Overflow
2.6 Web-based Vulnerabilities and Attacks
2.6.1 ACTIVITY – Abusing Unsanitized Input
2.6.2 ACTIVITY – Grabbing Passwords with SQL Injection
2.6.3 ACTIVITY – Swiping a Token with XSS
2.7 Other Vulnerabilities
2.8 Common Malicious Activity Indicators
2.9 Insider Threat Indicators
2.10 Social Engineering Indicators
2.10.1 ACTIVITY – Capturing Credentials through Social Engineering
2.11 Malware Activity Indicators
2.12 Operating System Attack Indicators
2.13 Application Attack Indicators
2.13.1 ACTIVITY – Recognizing Directory Traversal
2.14 Physical Attack Indicators
2.14.1 ACTIVITY – Quickly Cloning an RFID Badge
2.15 Network Attack Indicators
2.15.1 ACTIVITY – Crashing a Target with DoS
2.16 Cryptographic Attack Indicators
2.17 Password Attack Indicators
2.17.1 ACTIVITY – Password Cracking
2.18 Network Segmentation
2.19 Access Control
2.20 Enterprise Device Hardening

Module 3 – SY0-701 Security Architecture

3.1 Network Segmentation
3.1.1 ACTIVITY – Segementing a Network
3.2 High Availability
3.3 Virtualization
3.3.1 ACTIVITY – Deploying Docker Containers
3.4 Cloud
3.5 Serverless Computing
3.6 IoT
3.7 ICS SCADA
3.7.1 ACTIVITY – Operating a SCADA System
3.8 RTOS and Embedded Systems
3.9 Reducing the Attack Surface
3.10 Firewalls
3.11 IDS IPS.mp4
3.12 Secure Communications – Access
3.13 Port Security
3.14 SD-WAN and SASE
3.15 Data Classifications
3.16 Protecting Data Types
3.17 Data Considerations
3.18 Redundancy
3.19 Alternate Sites
3.20 Multiple Platforms
3.21 Business Continuity

Module 4 – SY0-701 Security Operations

4.1 Secure Baselines
4.2 Attack Surface Reduction
4.3 Wireless Installation
4.4 Wireless Security Settings
4.5 Mobile Solutions
4.5.1 ACTIVITY – Pwning a Mobile Device
4.6 Application Security Management
4.7 Asset Management
4.8 Vulnerability Management
4.9 Monitoring Activities
4.10 Monitoring Tools
4.10.1 ACTIVITY – Scanning a Network for Vulnerabilities
4.11 Firewall Configuration
4.11.1 ACTIVITY – Configuring Firewall Rules
4.12 Intrusion Detection Configuration
4.13 Web Traffic Filtering
4.14 Operating System Policy
4.14.1 ACTIVITY – Examining Windows Group Policy
4.15 Network Service Security
4.16 Data Loss Protection
4.16.1 ACTIVITY – Checking File Integrity
4.17 Network Access Control
4.17.1 ACTIVITY – Require Multifactor Authentication
4.18 Identity Management
4.19 Access Management
4.19.1 ACTIVITY – Implementing Access Control
4.20 Security Automation
4.21 Incident Response
4.22 Digital Forensics

Module 5 – SY0-701 Security Program Management and Oversight

5.1 Elements of Effective Security Governance
5.2 Elements of the Risk Management Process
5.3 Third Party Risk Assessment and Management
5.3.1 ACTIVITY – Analyzing the Solar Winds Supply Chain Failure
5.4 Effective Security Compliance
5.5 Audits and Assessments
5.5.1 ACTIVITY – Conducting OSINT
5.5.2 ACTIVITY – Performing Active Reconnaissance
5.6 Security Awareness Practices
5.7 Course Outro

Module 1 – CompTIA CySA+ CS0-003 Basics

1.1 Course Introduction
1.2 Instructor Introduction
1.3 What is CySA
1.4 Exam Objectives
1.5 Cybersecurity Pathway
1.6 DoD Baseline Certfication

Module 2 – CompTIA CySA+ CS0-003 Domain 1 – Security Operations

2.1 Domain 1 – Security Operations Overview
2.2 System and Network Architecture Concepts in Security Operations
2.3 Log Files
2.4 Operating Systems
2.5 Infrastructure Concepts
2.6 Network Architecture
2.7 Software Defined Networking
2.8 Whiteboard Discussion – Network Architectures
2.9 Identity and Access Management IAM Basics
2.10 Demonstration – IAM
2.11 Encryption
2.12 Sensitive Data
2.13 1.2 Analyze Indicators of Potentially Malicious Activity
2.14 Network Attack
2.15 Host Attacks
2.16 Application Related Attacks
2.17 Social Attacks
2.18 Tools or Techniques to Determine Malicious Activity Overview
2.19 Tools and Toolsets For Identifying Malicious Activity
2.20 Common Techniques
2.21 Programming Concerns
2.22 Threat-Intelligence and Threat-Hunting Concepts Overview
2.23 Threat Actors
2.24 Tactics, Techniques and Procedures
2.25 Confidence Levels IOC
2.26 Collection Sources
2.27 Threat Intelligence
2.28 Cyber Response Teams
2.29 Security Operations
2.30 Standardized Processes and Operations
2.31 Security Operations Tools and Toolsets
2.32 Module 2 Review

Module 3 – CompTIA CySA+ CS0-003 Domain 2 – Vulnerability Management

3.1 Domain 2 – Vulnerability Management Overview
3.2 Vulnerability Discovery and Scanning
3.3 Asset Discovery and Scanning
3.4 Industry Frameworks
3.5 Mitigating Attacks
3.6 CVSS and CVE
3.7 Common Vulnerability Scoring System (CVSS) interpretation
3.8 CVE Databases
3.9 Cross Site Scripting (XSS)
3.10 Vulnerability Response, Handling, and Management
3.11 Control Types (Defense in Depth, Zero Trust)
3.12 Patching and Configurations
3.13 Attack Surface Management
3.14 Risk Management Principles
3.15 Threat Modeling
3.16 Threat Models
3.17 Secure Coding and Development (SDLC)
3.18 Module 3 Review

Module 4 – CompTIA CySA+ CS0-003 Domain 3 – Incident Response and Management

4.1 Domain 3 – Incident Response and Management Overview
4.2 Attack Methodology Frameworks
4.3 Cyber Kill Chain
4.4 Frameworks to Know
4.5 Incident Response and Post Reponse
4.6 Detection and Analysis
4.7 Post Incident Activities
4.8 Containment, Eradication and Recovery
4.9 Module 4 Review

Module 5 – CompTIA CySA+ CS0-003 Domain 4 – Reporting and Communication

5.1 Domain 4 – Reporting and Communication Overview
5.2 Reporting Vulnerabilities Overview
5.2.1 Vulnerability Reporting
5.3 Compliance Reports
5.4 Inhibitors to Remediation
5.5 Metrics and KPI's
5.6 Incident Response Reporting and Communications Overview
5.7 Incident Declaration
5.8 Communication with Stakeholders
5.9 Root Cause Analysis
5.10 Lessons Learned and Incident Closure
5.11 Module 5 Review

Module 6 – CompTIA CySA+ CS0-003 – Course Closeout

6.1 Course Closeout Overview
6.2 Practice Questions
6.3 Exam Process
6.4 Continuing Education
6.5 Course Closeout

Module 1 – Introduction To Ethical Hacking

1.0 Introduction to CEH v12
1.1 Elements of Security
1.2 Cyber Kill Chain
1.3 MITRE ATT&CK Framework
1.3.1 Activity – Researching the MITRE ATTACK Framework
1.4 Hacking
1.5 Ethical Hacking
1.6 Information Assurance
1.7 Risk Management
1.8 Incident Management
1.9 Information Security Laws and Standards
1.10 Introduction to Ethical Hacking Review

Module 2: Footprinting and Reconnaissance

2.1 Footprinting Concepts
2.2 OSINT Tools
2.2.1 Activity – Conduct OSINT with OSR Framework
2.2.2 Activity – OSINT with theHarvester
2.2.3 Activity – Add API Keys to theHarvester
2.2.4 Activity – Extract Document Metadata with FOCA
2.2.5 Activity – Extract Document Metadata with FOCA
2.3 Advanced Google Search
2.3.1 Activity – Google Hacking
2.4 Whois Footprinting
2.4.1 Activity – Conducting Whois Research
2.5 DNS Footprinting
2.5.1 Activity – Query DNS with NSLOOKUP
2.6 Website Footprinting
2.6.1 Activity – Fingerprint a Webserver with ID Serve
2.6.2 Activity – Extract Data from Websites
2.6.3 Activity – Mirror a Website with HTTrack
2.7 Email Footprinting
2.7.1 Activity – Trace a Suspicious Email
2.8 Network Footprinting
2.9 Social Network Footprinting
2.10 Footprinting and Reconnaissance Countermeasures
2.11 Footprinting and Reconnaissance Review

Module 3: Scanning Networks

3.1 Scanning Concepts
3.2 Discovery Scans
3.2.1 Activity – ICMP ECHO and ARP Pings
3.2.2 Activity – Host Discovery with Angry IP Scanner
3.3 Port Scans
3.3.1 Activity – Port Scan with Angry IP Scanner
3.4 Other Scan Types
3.5 Scanning Tools
3.5.1 Activity – Hping3 Packet Crafting
3.5.2 Activity – Fingerprinting with Zenmap
3.6 NMAP
3.6.1 Activity – Nmap Basic Scans
3.6.2 Activity – Host Discovery with Nmap
3.6.3 – Activity – Nmap Version Detection
3.6.4 Activity – Nmap Idle (Zombie) Scan
3.6.5 Activity – Nmap FTP Bounce Scan
3.6.6 – Activity – NMAP Scripts
3.7 Firewall and IDS Evasion
3.7.1 Activity – Nmap Advanced Scans
3.8 Proxies
3.9 Scanning Countermeasures
3.10 Scanning Networks Review

Module 4: Enumeration

4.1 Enumeration Overview
4.2 SMB_NetBIOS_Enumeration
4.2.1 Activity – Enumerate NetBIOS Information with Hyena
4.3 File Transfer Enumeration
4.4 WMI Enumeration
4.4.1 – Activity – Enumerating WMI with Hyena
4.5 SNMP Enumeration
4.5.1 Activity – Enumerate WMI, SNMP and Other Information Using SoftPerfect
4.6 LDAP Enumeration
4.7 DNS Enumeration
4.8 SMTP Enumeration
4.8.1 Activity – Enumerate Email Users with SMTP
4.9 Remote Connection Enumeration
4.10 Website Enumeration
4.10.1 Activity – Enumerate a Website with DirBuster
4.11 Other Enumeration Types
4.12 Enumeration Countermeasures and Review

Module 5: Vulnerability Analysis

5.1 Vulnerability Scanning
5.1.1 Vulnerability Scanning with OpenVAS
5.2 Vulnerability Assessment
5.3 Vulnerability Analysis Review

Module 6: System Hacking

6.1 System Hacking Concepts
6.2 Common OS Exploits
6.3 Buffer Overflows
6.3.1 Activity – Performing a Buffer Overflow
6.4 System Hacking Tools and Frameworks
6.4.1 Activity – Hack a Linux Target from Start to Finish
6.5 Metasploit
6.5.1 Activity – Get Started with Metasploit
6.6 Meterpreter
6.7 Keylogging and Spyware
6.7.1 Activity – Keylogging with Meterpreter
6.8 Netcat
6.8.1 Activity – Using Netcat
6.9 Hacking Windows
6.9.1 Activity – Hacking Windows with Eternal Blue
6.10 Hacking Linux
6.11 Password Attacks
6.11.1 Activity – Pass the Hash
6.11.2 Activity – Password Spraying
6.12 Password Cracking Tools
6.13 Windows Password Cracking
6.13.1 Activity – Cracking Windows Passwords
6.13.2 Activity – Cracking Password Hashes with Hashcat
6.14 Linux Password Cracking
6.15 Other Methods for Obtaining Passwords
6.16 Network Service Attacks
6.16.1 Activity – Brute Forcing a Network Service with Medusa
6.17 Post Exploitation
6.18 Pivoting
6.18.1 & 6.18.2 Activity – Pivoting Setup and Attack
6.19 Maintaining Access
6.19.1 Activity – Persistence
6.20 Hiding Data
6.20.1 Activity – Hiding Data Using Least Significant Bit Steganography
6.21 Covering Tracks
6.21.1 Activity – Clearing Tracks in Windows
6.21.2 Activity – View and Clear Audit Policies with Auditpol
6.22 System Hacking Countermeasures
6.23 System Hacking Review

Module 7: Malware Threats

7.1 Malware Overview
7.2 Viruses
7.3 Trojans
7.3.1 Activity – Deploying a RAT
7.4 Rootkits
7.5 Other Malware
7.6 Advanced Persistent Threat
7.7 Malware Makers
7.7.1 Activity – Creating a Malware Dropper and Handler
7.8 Malware Detection
7.9 Malware Analysis
7.9.1 Activity – Performing a Static Code Review
7.9.2 Activity – Analyzing the SolarWinds Orion Hack
7.10 Malware Countermeasures
7.11 Malware Threats Review

Module 8: Sniffing

8.1 Network Sniffing
8.2 Sniffing Tools
8.2.1 Activity- Sniffing HTTP with Wireshark
8.2.2 Activity – Capturing Files from SMB
8.3 ARP and MAC Attacks
8.3.1 Activity – Performing an MITM Attack with Ettercap
8.4 Name Resolution Attacks
8.4.1 Activity – Spoofing Responses with Responder
8.5 Other Layer 2 Attacks
8.6 Sniffing Countermeasures
8.7 Sniffing Review

Module 9: Social Engineering

9.1 Social Engineering Concepts
9.2 Social Engineering Techniques
9.2.1 Activity – Deploying a Baited USB Stick
9.2.2 Activity – Using an O.MG Lightning Cable
9.3 Social Engineering Tools
9.3.1 Activity – Phishing for Credentials
9.4 Social Media, Identity Theft, Insider Threats
9.5 Social Engineering Countermeasures
9.6 Social Engineering Review

Module 10: Denial-of-Service

10.1 DoS-DDoS Concepts
10.2 Volumetric Attacks
10.3 Fragmentation Attacks
10.4 State Exhaustion Attacks
10.5 Application Layer Attacks
10.5.1 Activity – Performing a LOIC Attack
10.5.2 Activity – Performing a HOIC Attack
10.5.3 Activity – Conducting a Slowloris Attack
10.6 Other Attacks
10.7 DoS Tools
10.8 DoS Countermeasures
10.9 DoS Review

Module 11: Session Hijacking

11.1 Session Hijacking
11.2 Compromising a Session Token
11.3 XSS
11.4 CSRF
11.5 Other Web Hijacking Attacks
11.6 Network-Level Session Hijacking
11.6.1 Activity – Hijack a Telnet Session
11.7 Session Hijacking Tools
11.8 Session Hijacking Countermeasures
11.9 Session Hijacking Review

Module 12: Evading IDS, Firewalls, and Honeypots

12.1 Types of IDS
12.2 Snort
12.3 System Logs
12.4 IDS Considerations
12.5 IDS Evasion
12.5.1 Activity – Fly Below IDS Radar
12.6 Firewalls
12.7 Packet Filtering Rules
12.8 Firewall Deployments
12.9 Split DNS
12.10 Firewall Product Types
12.11 Firewall Evasion
12.11.1 Activity – Use Social Engineering to Bypass a Windows Firewall
12.11.2 Activity – Busting the DOM for WAF Evasion
12.12 Honeypots
12.13 Honeypot Detection and Evasion
12.13.1 Activity – Test and Analyze a Honey Pot
12.14 Evading IDS, Firewalls, and Honeypots Review

Module 13: Hacking Web Servers

13.1 Web Server Operations
13.2 Hacking Web Servers
13.3 Common Web Server Attacks
13.3.1 Activity – Defacing a Website
13.4 Web Server Attack Tools
13.5 Hacking Web Servers Countermeasures
13.6 Hacking Web Servers Review

Module 14: Hacking Web Applications

14.1 Web Application Concepts
14.2 Attacking Web Apps
14.3 A01 Broken Access Control
14.4 A02 Cryptographic Failures
14.5 A03 Injection
14.5.1 Activity – Command Injection
14.6 A04 Insecure Design
14.7 A05 Security Misconfiguration
14.8 A06 Vulnerable and Outdated Components
14.9 A07 Identification and Authentication Failures
14.10 A08 Software and Data integrity Failures
14.11 A09 Security Logging and Monitoring Failures
14.12 A10 Server-Side Request Forgery
14.13 XSS Attacks
14.13.1 Activity – XSS Walkthrough
14.13.2 Activity – Inject a Malicious iFrame with XXS
14.14 CSRF
14.15 Parameter Tampering
14.15.1 Activity – Parameter Tampering with Burp
14.16 Clickjacking
14.17 SQL Injection
14.18 Insecure Deserialization Attacks
14.19 IDOR
14.19.1 Activity – Hacking with IDOR
14.20 Directory Traversal
14.21 Session Management Attacks
14.22 Response Splitting
14.23 Overflow Attacks
14.24 XXE Attacks
14.25 Web App DoS
14.26 Soap Attacks
14.27 AJAX Attacks
14.28 Web API Hacking
14.29 Webhooks and Web Shells
14.30 Web App Hacking Tools
14.31 Hacking Web Applications Countermeasures
14.32 Hacking Web Applications Review

Module 15: SQL Injection

15.1 SQL Injection Overview
15.2 Basic SQL Injection
15.3 Finding Vulnerable Websites
15.4 Error-based SQL Injection
15.5 Union SQL Injection
15.5.1 Activity – Testing SQLi on a Live Website – Part 1
15.5.2 Activity – Testing SQLi on a Live Website – Part 2
15.6 Blind SQL Injection
15.7 SQL Injection Tools
15.7.1 Activity – SQL Injection Using SQLmap
15.8 Evading Detection
15.9 Analyzing SQL Injection
15.10 SQL Injection Countermeasures
15.11 SQL Injection Review

Module 16: Hacking Wireless Networks

16.1 Wireless Concepts
16.2 Wireless Security Standards
16.3 WI-FI Discovery Tools
16.4 Common Wi-Fi Attacks
16.5 Wi-Fi Password Cracking
16.6 WEP Cracking
16.6.1 Activity – Cracking WEP
16.7 WPA,WPA2,WPA3 Cracking
16.7.1 Activity – WPA KRACK Attack
16.8 WPS Cracking
16.9 Bluetooth Hacking
16.10 Other Wireless Hacking
16.10.1 Activity – Cloning an RFID badge
16.10.2 Activity – Hacking with a Flipper Zero
16.11 Wireless Security Tools
16.12 Wireless Hacking Countermeasures
16.13 Hacking Wireless Networks Review

Module 17: Hacking Mobile Platforms

17.1 Mobile Device Overview
17.2 Mobile Device Attacks
17.3 Android Vulnerabilities
17.4 Rooting Android
17.5 Android Exploits
17.5.1 Activity – Hacking Android
17.5.2 Activity – Using a Mobile Device in a DDoS Campaign
17.6 Android-based Hacking Tools
17.7 Reverse Engineering an Android App
17.8 Securing Android
17.9 iOS Overview
17.10 Jailbreaking iOS
17.11 iOS Exploits
17.12 iOS-based Hacking Tools
17.13 Reverse Engineering an iOS App
17.14 Securing iOS
17.15 Mobile Device Management
17.16 Hacking Mobile Platforms Countermeasures
17.17 Hacking Mobile Platforms Review

Module 18: IoT AND OT Hacking

18.1 IoT Overview
18.2 IoT Infrastructure
18.3 IoT Vulnerabilities and Threats
18.3.1 Activity – Searching for Vulnerable IoT Devices
18.4 IoT Hacking Methodology and Tools
18.5 IoT Hacking Countermeasures
18.6 OT Concepts
18.7 IT-OT Convergence
18.8 OT Components
18.9 OT Vulnerabilities
18.10 OT Attack Methodology and Tools
18.11 OT Hacking Countermeasures
18.12 IoT and OT Hacking Review

Module 19: Cloud Computing

19.1 Cloud Computing Concepts
19.2 Cloud Types
19.3 Cloud Benefits and Considerations
19.4 Cloud Risks and Vulnerabilities
19.5 Cloud Threats and Countermeasures
19.5.1 Activity – Hacking S3 Buckets
19.6 Cloud Security Tools And Best Practices
19.7 Cloud Computing Review

Module 20: Cryptography

20.1 Cryptography Concepts
20.2 Symmetric Encryption
20.2.1 Activity – Symmetric Encryption
20.3 Asymmetric Encryption
20.3.1 Activity – Asymmetric Encryption
20.4 Public Key Exchange
20.5 PKI
20.5.1 Activity – Generating and Using an Asymmetric Key Pair
20.6 Digital Signatures
20.7 Hashing
20.7.1 Activity – Calculating Hashes
20.8 Common Cryptography Use Cases
20.9 Cryptography Tools
20.10 Cryptography Attacks
20.11 Cryptography Review
20.12 Course Conclusion

Module 61 – CEH v11 Advanced Ethical Hacker Course Intro

61.1 About This Course: Advanced Ethical Hacker
61.2 About the Instructor

Module 62 – CEH v11 Session Hjacking

62.1 Session Hijacking Concepts
62.2 Token-based Authentication
62.3 Compromising a Session Token
62.4 XSS
62.5 CSRF
62.6 Other Attacks

Module 63 – CEH v11 Defending Against Hijacking

63.1 Network Level Hijacking
63.2 Session Hijacking Tools
63.3 Session Hijacking Countermeasures
63.4 Session Penetration Hijacking
63.5 Review

Module 64 – CEH v11 Implementing Intrusion Detection

64.1 IDS-IPS
64.2 Snort
64.3 Snort Rules
64.4 Syslog

Module 65 – CEH v11 Testing Intrusion Detection

65.1 WIPS
65.2 IDS Considerations
65.3 IDS Tools
65.4 IDS Evasion
65.5 IDS-Firewall Evasion Tools
65.6 IDS Scenerios

Module 66 – CEH v11 Implementing Firewalls

66.1 Firewalls
66.2 Packet Filtering Rules
66.3 Firewall Deployments
66.4 Traffic Flow through Firewalls
66.5 Split DNS

Module 67 – CEH v11 Testing Firewallls

67.1 Firewall Tools
67.2 Firewall Evasion
67.3 Firewall Scenarios

Module 68 – CEH v11 Implementing Honeypots

68.1 Honeypots
68.2 Honeypot Detection
68.3 IDS-Firewall Evasion Countermeasures
68.4 IDS-Firewall Honeypot Penetration Testing
68.5 Review

Module 69 – CEH v11 Attacker Webserver

69.1 Webserver Security Overview
69.2 Common Webservers
69.3 Webserver Attacks
69.4 Misconfiguration Attack Examples

Module 70 – CEH v11 Webserver Defense

70.1 Webserver Attack Tools
70.2 Attack Countermeasures
70.3 Webserver Penetration Testing
70.4 Review

Module 71 – CEH v11 Intro To Web Apps

71.1 Web Application Concepts
71.2 Attacking Web Apps

Module 72 – CEH v11 OWASP Top 5 Web App Vulnerabilities

72.1 A01 – Broken Access Control
72.2 A02 – Cryptographic Failures
72.3 A03 – Injection
72.4 A04 – Insecure Design
72.5 A05 – Security Misconfiguration

Module 73 – CEH v11 OWASP Additional Web App Vulnerabilities

73.1 A06 – Vulnerable and Outdated Components
73.2 A07 – Identification and Authentication Failures
73.3 A08 – Software and Data Integrity Failures
73.4 A09 – Security Logging and Monitoring
73.5 A10 – Server Side Request Forgery

Module 74 – CEH v11 Common Web App Attacks

74.1 XSS Attacks
74.2 CSRF
74.3 Parameter Tampering
74.4 Clickjacking
74.5 SQL Injection

Module 75 – CEH v11 Unauthorized Access Through Web Apps

75.1 Insecure Deserialization Attacks
75.2 IDOR
75.3 Directory Traversal
75.4 Session Management Attacks
75.5 Response Splitting

Module 76 – CEH v11 Web App Overflow Attacks

76.1 Denial of Service
76.2 Overflow Attacks
76.3 XXE Attacks
76.4 Soap Attacks
76.5 Ajax Attacks

Module 77 – CEH v11 Defending Web Apps

77.1 Web App Hacking Tools
77.2 Web Hacking Countermeasures
77.3 Web Application Penetration Testing
77.4 Review

Module 78 – CEH v11 Intro To SQL Injection

78.1 SQL Overview
78.2 SQL Injection Concepts
78.3 Basic SQL Injection

Module 79 – CEH v11 Performing SQL Injection

79.1 Finding Vulnerable Websites
79.2 Error-based SQL Injection
79.3 Union SQL Injection
79.4 Blind SQL Injection
79.5 SQL Injection Scenarios
79.6 Evading Detection

Module 80 – CEH v11 Defending Against SQL Injection

80.1 SQL Injection Tools
80.2 SQL Injection Countermeasures
80.3 Safe Coding Examples
80.4 SQL Wildcards
80.5 SQL Injection Penetration Testing
80.6 Review

Module 81 – CEH v11 Wireless Networking Overview

81.1 Wireless Concepts
81.2 Wireless Signal Encoding
81.3 Wi-Fi Standards
81.4 Wi-Fi Antennas
81.5 Wireless Authentication

Module 82 – CEH v11 Wi-Fi Security

82.1 Wi-Fi Security Standards
82.2 Wireless Network Troubleshooting Tools
82.3 Wi-Fi Discovery Tools
82.4 Sniffing Wi-Fi

Module 83 – CEH v11 Hacking Wi-Fi

83.1 Wi-Fi Attack Types
83.2 Wi-Fi Rogue Access Point Attacks
83.3 Wi-Fi Denial of Service Attacks
83.4 Wi-Fi Password Cracking Attacks
83.5 WEP Cracking

Module 84 – CEH v11 Advanced Wireless Attacks

84.1 WPA-WPA2 Cracking
84.2 WPA3 Attacks
84.3 WPS Cracking
84.4 Wi-Fi Attack Tools for Mobile Devices
84.5 Bluetooth Hacking
84.6 Other Wireless Hacking

Module 85 – CEH v11 Defending Wireless Networks

85.1 Wireless Hacking Countermeasures
85.2 Wireless Security Tools
85.3 Wireless Penetration Testing
85.4 Review

Module 86 – CEH v11 Mobile Platform Overview

86.1 Mobile Platform Overview
86.2 Mobile Device Vulnerabilities
86.3 Mobile Device Attacks

Module 87 – CEH v11 Hacking Android

87.1 Android
87.2 Android Vulnerabilities
87.3 Rooting Android
87.4 Android Exploits
87.5 Android Hacking Tools
87.6 Reverse Engineering an Android App
87.7 Securing Android

Module 88 – CEH v11 Hacking iOS

88.1 iOS
88.2 iOS Vulnerabilities
88.3 Jailbreaking iOS
88.4 iOS Exploits
88.5 iOS Hacking Tools
88.6 Securing iOS

Module 89 – CEH v11 Mobile Platform Defense

89.1 Mobile Device Management
89.2 BYOD
89.3 Mobile Security Guidelines and Tools
89.4 Mobile Device Penetration Testing
89.5 Review

Module 90 – CEH v11 IoT Hacking

90.1 loT Concepts
90.2 loT Infrastructure
90.3 Fog Computing
90.4 loT Vulnerabilities
90.5 loT Threats

Module 91 – CEH v11 IoT Defense

91.1 IoT Hacking Methodologies and Tools
91.2 IoT Hacking Methodolgies and Tools Part 2
91.3 Hacking Countermeasures
91.4 IoT Penetration Testing
91.5 OT Concepts
91.6 Industrial IoT

Module 92 – CEH v11 Operational Technology Overview

92.1 IT-OT Convergence
92.2 ICS
92.3 SCADA
92.4 DCS
92.5 RTU
92.6 PLC
92.7 Addition OT Components

Module 93 – CEH v11 Hacking OT

93.1 OT Variables
93.2 Well-known OT attacks
93.3 OT Attack Methodology and Basic Tools
93.4 OT Reconnaissance
93.5 OT Penetration and Control

Module 94 – CEH v11 Defending OT

94.1 OT Attack Tools
94.2 OT Hacking Countermeasures
94.3 OT Penetration Testing
94.4 Review

Module 95 – CEH v11 Attacking The Cloud

95.1 Cloud Computing Concepts
95.2 Virtualization
95.3 Cloud Types
95.4 Cloud Benefits and Considerations
95.5 Cloud Risks and Vulnerablilities

Module 96 – CEH v11 Cloud Defense

96.1 Cloud Threats and Countermeasures
96.2 Cloud Security Tools
96.3 Cloud Security Best Practices
96.4 Cloud Penetration Testing
96.5 Review

Module 97 – CEH v11 Cryptography Overview

97.1 Cryptography Concepts
97.2 Symetric Encryption
97.3 Asymmetric Encryption
97.4 Public Key Exchange
97.5 PKI

Module 98 – CEH v11 Protecting Data With Crytography

98.1 Digital Certificates
98.2 Digital Signatures
98.3 Hashing
98.4 Email Encryption
98.5 Network Communication Encryption

Module 99 – CEH v11 Protecting Data at Home and in Transit

99.1 Disk Encryption
99.2 VPN Encryption
99.3 Cryptography Tools

Module 100 – CEH v11 Pentesting Cryptography

100.1 Cryptography Attacks
100.2 Cryptography Penetration Testing
100.3 Review
100.4 Conclusion

Module 21 – CEH v11 Ethical Hacker Course Intro

21.1 About this course – Ethical Hacker
21.2 About the Instructor

Module 22 – CEH v11 Intro to Footprinting

22.1 Footprinting Concepts
22.2 Footprinting Methodology
22.3 OSINT Tools
22.4 Advanced Google Search
22.5 Whois Footprinting
22.6 Activity – Performing a Whois Lookup

Module 23 – CEH v11 Footprinting Network Services

23.1 DNS Footprinting
23.2 Website Footprinting
23.3 Email Footprinting
23.4 Network Footprinting
23.5 Footprinting through Social Networking Sites

Module 24 – CEH v11 Defend Against Footprinting

24.1 Competitive Intelligence Gathering
24.2 Footprinting Countermeasures
24.3 Footprinting Penetration Testing
24.4 Review

Module 25 – CEH v11 Intro to Scanning

25.1 Scanning Concepts
25.2 ICMP Discovery Scans
25.3 Other Discovery Scans

Module 26 – CEH v11 Port Scanning

26.1 Ports
26.2 TCP Flags and Handshakes
26.3 TCP Scan Types
26.4 Other Scanning Techniques

Module 27 – CEH v11 Vulnerability Scanning

27.1 Banner Grabbing
27.2 Vulnerability Scanning
27.3 SSDP Scanning

Module 28 – CEH v11 NMAP

28.1 Nmap
28.2 Common Nmap Scans
28.3 Nmap Options
28.4 Nmap Stealth Scans
28.5 Hping and Other Scanners

Module 29 – CEH v11 Firewalls and Intrusion Detection

29.1 Firewall Types
29.2 Firewall Features
29.3 Firewall Features Part 2
29.4 Firewall Configurations
29.5 Intrusion Detection and Prevention

Module 30 – CEH v11 Evading Detection

30.1 Firewall and IDS Evasion
30.2 Firewall and IDS Evasion Part 2
30.3 Firewalking
30.4 Probing a Firewall
30.5 Probing a Firewall Part 2

Module 31 – CEH v11 Proxies and VPNs

31.1 Proxies
31.2 VPNs
31.3 Tor
31.4 Scanning Countermeasures
31.5 Scanning Penetration Testing
31.6 Review

Module 32 – CEH v11 Accessing Vulnerability

32.1 Vulnerability Assessment Overview
32.2 Vulnerability Scoring Systems
32.3 Vulnerability Assessment Tools

Module 33 – CEH v11 Vulnerability Research

33.1 Scanner Output and Reports
33.2 Vulnerability Research
33.3 Review

Module 34 – CEH v11 Intro to Enumeration

34.1 Enumeration Concepts
34.2 Enumeration Techniques and Tools
34.3 Service and Application Enumeration
34.4 SMB and NetBIOS Enumeration

Module 35 – CEH v11 Service Enumeration

35.1 SNMP Enumeration
35.2 LDAP Enumeration
35.3 DNS Enumeration
35.4 SMTP Enumeration
35.5 NTP Enumeration

Module 36 – CEH v11 Advanced Enumeration

36.1 Remote Connection Enumeration
36.2 File Transfer Enumeration
36.3 VoIP Enumeration
36.4 IPSEC Enumeration
36.5 IPv6 Enumeration
36.6 BGP Enumeration

Module 37 – CEH v11 Command Line Enumeration

37.1 Windows Command Line Enumeration
37.2 Linux Command Line Enumeration
37.3 Linux Command Line Enumeration Part 2

Module 38 – CEH v11 Defending Against Enumeration

38.1 Enumeration Countermeasures
38.2 Enumeration Countermeasures Part 2
38.3 Enumeration Penetration Testing
38.4 Review

Module 39 – CEH v11 Intro to System Hacking

39.1 System Hacking Concepts
39.2 System Hacking Tools and Frameworks
39.3 Searchsploit
39.4 Compiling and Running Exploits

Module 40 – CEH v11 System Hacking with Metasploit

40.1 Metasploit
40.2 Metasploit Search
40.3 Metasploit Exploits and Payloads
40.4 Metasploit Meterpreter
40.5 Metasploit Connectivity
40.6 Metasploit Impersonation and Migration

Module 41 – CEH v11 Further Attacking a Compromised System

41.1 Netcat
41.2 Pivoting
41.3 Netcat Relays
41.4 Metasploit Post Exploitation Modules
41.5 Common Operating System Exploits

Module 42 – CEH v11 Hacking an Operating System

42.1 Hacking Windows
42.2 Hacking Linux
42.3 Network Service Exploits
42.4 Password Attacks

Module 43 – CEH v11 Password Cracking Overview

43.1 Dictionary Attack
43.2 Brute Force Attack
43.3 Password Spraying
43.4 Rainbow Tables

Module 44 – CEH v11 Performing Password Attacks

44.1 Network Service Password Attacks
44.2 Password Cracking Tools
44.3 Online Password Cracking Sites
44.4 Windows Password Cracking
44.5 Linux Password Cracking
44.6 Other Methods for Obtaining Passwords

Module 45 – CEH v11 Using Exploits

45.1 Keylogging
45.2 Spyware
45.3 Rootkits
45.4 Buffer Overflows
45.5 Privilege Escalation
45.6 Hiding Files

Module 46 – CEH v11 Hiding Information

46.1 Alternate Data Streams
46.2 Steganography
46.3 Creating and Maintaining Remote Access
46.4 Hiding Evidence

Module 47 – CEH v11 Covering Tracks

47.1 Covering Tracks in Windows
47.2 Covering Tracks in Linux
47.3 System Hacking Counter-Measures
47.4 System Hacking Penetration Testing
47.5 Review

Module 48 – CEH v11 Malware Overview

48.1 Intro to Malware
48.2 Virus Overview
48.3 Virus Types
48.4 Self-Hiding Viruses
48.5 Worms
48.6 Trojans
48.7 Trojan Types
48.8 RATS

Module 49 – CEH v11 Hacking With Malware

49.1 Ransomware
49.2 Botnets
49.3 Covert Channel Trojans
49.4 Banking Trojans
49.5 Rootkits

Module 50 – CEH v11 Creating Malware

50.1 Other Malware
50.2 Malware Makers
50.3 Dropper and Stage Creation
50.4 Exploit Kits

Module 51 – CEH v11 Detecting Malware

51.1 Malware Detection
51.2 Malware Detection Part 2
51.3 Malware Analysis

Module 52 – CEH v11 Defending Against Malware

52.1 Malware Reverse Engineering
52.2 Malware Countermeasures
52.3 Malware Penetration Testing
52.4 Review

Module 53 – CEH v11 Sniffing

53.1 Sniffing Concepts
53.2 Types of Sniffing
53.3 Sniffing Protocols
53.4 Sniffing Tools

Module 54 – CEH v11 Spoofing and MITM

54.1 ARP
54.2 ARP Spoofing
54.3 MITM
54.4 MAC Attacks
54.5 MAC Spoofing
54.6 DHCP Attacks

Module 55 – CEH v11 Defending Against Poisoning and Sniffing

55.1 Name Resolution Poisoning
55.2 VLAN Hopping
55.3 Sniffing Counter Measures
55.4 Sniffing Penetration Testing
55.5 Review

Module 56 – CEH v11 Social Engineering

56.1 Social Engineering Concepts
56.2 Social Engineering Techniques
56.3 Social Engineering Examples
56.4 Social Engineering Tools

Module 57 – CEH v11 Defending Against Social Engineering

57.1 Social Media
57.2 Identity Theft
57.3 Insider Threats
57.4 Social Engineering Countermeasures
57.5 Social Engineering Penetration Testing
57.6 Review

Module 58 – CEH v11 Denial-of-Service

58.1 DoS-DDoS Concepts
58.2 Volumetric Attacks
58.3 Fragmentation Attacks
58.4 State Exhaustion Attacks
58.5 Application Layer Attacks

Module 59 – CEH v11 Advanced DoS Attacks

59.1 Protocol Attacks
59.2 Other Attacks
59.3 Botnets

Module 60 – CEH v11 Defending Against Denial-of-Service

60.1 DoS-DDoS Attack Tools
60.2 DoS-DDoS Countermeasures
60.3 Dos Penetration Testing
60.4 Review

Module 1 – CEH v11 Foundations Course Introduction

1.1 About this course: CEH Foundations
1.2 About the Instructor

Module 2 – CEH v11 Introduction To Networking

2.1 Networking Overview
2.2 Network Scope
2.3 Network Addressing
2.4 Activity – Examining Network Addressing

Module 3 – CEH v11 Lan Components

3.1 Protocols, Ports, Sockets
3.2 Network Topologies
3.3 LAN Devices
3.4 LAN Devices Part 2
3.5 VLANs
3.6 Activity – Examining Ports and Sockets
3.7 Activity – Examining Switches and VLANs

Module 4 – CEH v11 Routing and Network Access

4.1 Routers
4.2 Layer 3 Switches
4.3 Modems and Remote Access
4.4 Firewalls and Proxies
4.5 Activity – Examining Routing
4.6 Activity – Examining VLAN Routing
4.7 Activity – Examining Firewall Rules

Module 5 – CEH v11 Intrusion Detection and Network Layers

5.1 IDS and IPS
5.2 OSI Model
5.3 TCP-IP
5.4 Activity – Examining Network Layers

Module 6 – CEH v11 Networking Protocols and Addressing

6.1 Layer 4 Protocols
6.2 Layer 3 Protocols
6.3 Layer 2 Protocols
6.4 IP Addressing
6.5 Subnetting
6.6 DHCP
6.7 Activity – Examining TCP
6.8 Activity – Examining UDP
6.9 Activity – Examining IP
6.10 Activity – Examining ICMP
6.11 Activity – Examining ARP

Module 7 – CEH v11 Network Services

7.1 DNS
7.2 DNS Records
7.3 NTP
7.4 Authentication
7.5 Biometrics
7.6 Activity – Examining DNS
7.7 Activity – Examining DNS Records

Module 8 – CEH v11 Access Control

8.1 Local Authentication
8.2 Directory Service Authentication
8.3 Extending Authentication
8.4 Authorization
8.5 Activity – Testing Access Control

Module 9 – CEH v11 Intro to Linux

9.1 Linux Overview
9.2 Linux File System
9.3 Linux Core Commands
9.4 Linux Search and Read Commands
9.5 Activity – Exploring Linux
9.6 Activity – Using Linux Core Commands
9.7 Activity – Using Linux Search Commands
9.8 Activity – Using Linux Read Commands

Module 10 – CEH v11 Configuring Linux

10.1 Linux File Permissions
10.2 Linux Special Permissions
10.3 Linux Configuration
10.4 Linux Packages
10.5 Linux User Management

Module 11 – CEH v11 Practicing Linux Configuration

11.1 Activity – Setting Linux Permissions
11.2 Activity – Setting Linux Special Permissions
11.3 Activity – Managing Packages in Kali Linux
11.4 Activity – Managing Users and Groups in Linux

Module 12 – CEH v11 Managing Linux

12.1 Linux Job Scheduling
12.2 Linux File, Directory, and Download Commands
12.3 Linux System Commands
12.4 Linux Network Management
12.5 Linux Firewall

Module 13 – CEH v11 Practicing Linux Management

13.1 Activity – Scheduling Tasks in Linux
13.2 Activity – Using Linux File, Directory, and Download Commands
13.3 Activity – Using Linux Edit and Archive Commands
13.4 Activity – Compiling Malicious Code
13.5 Activity – Using Linux Process and System Commands
13.6 Activity – Using Linux Disk, Hardware, and Network Commands

Module 14 – CEH v11 Intro to Windows

14.1 Windows Overview
14.2 Windows Registry
14.3 Windows Security

Module 15 – CEH v11 Windows Commands

15.1 Windows Commands
15.2 Windows Admin Commands
15.3 Windows Network Commands
15.4 Windows Run Line Commands
15.5 Windows PowerShell

Module 16 – CEH v11 Practicing Windows Commands

16.1 Activity – Using Windows Built-in Commands
16.2 Activity – Using Windows Task Commands
16.3 Activity – Using Windows Admin Commands
16.4 Activity – Using Windows Network Commands
16.5 Activity – Using Windows PowerShell
16.6 Networking and OS Penetration Testing
16.7 Review

Module 17 – CEH v11 Intro to Hacking

17.1 Information Security Overview
17.2 Hacking Concepts
17.3 Ethical Hacking Concepts
17.4 Penetration Testing
17.5 Penetration Testing Part 2
17.6 Activity – Performing a Static Code Review

Module 18 – CEH v11 Information Security

18.1 Cyber Kill Chain Concepts
18.2 Activity – Performing Weaponization
18.3 Information Security
18.4 Security Policies
18.5 Security Controls
18.6 Access Control

Module 19 – CEH v11 Protecting Data

19.1 Data Protection
19.2 Backup Sites
19.3 Vulnerability Management
19.4 SIEM
19.5 Risks

Module 20 – CEH v11 Managing Risk

20.1 Risk Management
20.2 Incident Handling
20.3 Information Security Laws and Standards
20.4 Activity – Assessing Risk
20.5 Ethical Hacking Penetration Testing
20.6 Review
20.7 Conclusion

Module 1: Introduction

Instructor Introduction
Course Introduction
Exam Overview

Module 2: Information Security Governance

Module Overview
InfoSec Strategic Context Part 1
InfoSec Strategic Context Part 2
GRC Strategy and Assurance
Roles and Responsibilities
GMA Tasks Knowledge and Metrics
IS Strategy Overview
Strategy Implemenation
Strategy Development Support
Architecture and Controls
Considerations and Action Plan
InfoSec Prog Objectives and Wrap-Up

Module 3: Information Security Risk Management

Module Overview
Risk Identification Task and Knowledge
Risk Management Strategy
Additional Considerations
Risk Analysis and Treatment Tasks & Knowledge
Leveraging Frameworks
Assessment Tools and Analysis
Risk Scenario Development
Additional Risk Factors
Asset Classification and Risk Management
Risk Monitoring and Communication
Information Risk Management Summary

Module 4: InfoSec Prog Development and Management

Module Overview
Alignment and Resource Management – Task and Knowledge
Key Relationships
Standards Awareness and Training – Tasks and Knowledge
Awareness and Training
Building Security into Process and Practices – Tasks and Knowledge
Additional Technology Infrastructure Concerns
Security monitoring and reporting Overview Tasks and Knowledge
Metrics and Monitoring
Summary

Module 5: Information Security Incident Management

Module Overview
Planning and Integration Overview Task and Knowledge
Incident Response Concepts and Process
Forensics and Recovery
Readiness and Assessment – Overview Tasks and Knowledge
Identification and Response Overview Tasks and Knowledge
Incident Processes

Module 6: Exam Prep

Case Study – Security On a Shoestring Budget
Case Study – APT In Action
Summary
Exam Prep

Module 1: Intro & Performing Basic Linux Tasks

Instructor Introduction
Course Introduction
Identify The Linux Design Philosophy
Enter Shell Commands
Shell Commands Activity
Get Help with Linux

Module 2: Managing Users and Groups

Assume Superuser and Groups
Create, Modify, and Delete Users
Create, Modify, and Delete Groups
Query Users and Groups
Configure Account Profiles

Module 3: Managing Permissions and Ownership

Modify File and Directory Permissions
Modify File and Directory Ownership
Configure Special Permissions and Attributes
Troubleshoot Permissions Issues

Module 4: Managing Storage

Create Partitions
Manage Logical Volumes
Mount File Systems
Manage File Systems
Navigate the Linux Directory Structure
Troubleshoot Storage Issues

Module 5: Managing Files and Directories

Create and Edit Text Files
Search for Files
Perform Operations on Files and Directories
Process Text Files
Manipulate File Output

Module 6: Managing Kernel Modules

Explore the Linux Kernel
Install and Configure Kernel Modules
Monitor Kernel Modules

Module 7: Managing the Linux Boot Process

Configure Linux Boot Components
Configure GRUB

Module 8: Managing System Components

Configure Localization Options
Configure GUIs
Manage Services
Troubleshoot Process Issues
Troubleshoot CPU and Memory Issues

Module 9: Managing Devices

Identify the Types of Linux
Configure Devices
Monitor Devices
Troubleshoot Hardware Issues

Module 10: Managing Networking

Identify TCP/IP Fundamentals
Identify Linux Server Roles
Connect to a Network
Configure DHCP and DNS Client Services
Configure Cloud and Virtualization Technologies
Troubleshoot Networking Issues

Module 11: Managing Packages and Software

Identify Package Managers
Manage RPM Packages with YUM
Manage Debian Packages with APT
Configure Repositories
Acquire Software
Build Software from Source Code
Troubleshoot Software Dependency Issues

Module 12: Securing Linux Systems

Implement Cybersecurity Best Practices
Implement Identity and Access Management Methods
Configure SELinux or AppArmor
Configure Firewalls
Implement Logging Services
Back Up, Restore, and Verify Data

Module 13: Working with Bash Scripts

Customize the Bash Shell Environment
Identify Scripting and Programming Fundamentals
Write and Execute a Simple Bash Script
Incorporate Control Statements in Bash Scripts

Module 14: Automating Tasks

Schedule Jobs
Implement Version Control Using Git
Identify Orchestration Concepts

Module 15: Installing Linux

Prepare for Linux Installation
Perform the Installation

Module 1: Security and Risk Management

Module 1 Notes
Intro
Security and Risk Management pt.1
Security and Risk Management pt.2
Security and Risk Management pt.3
Security and Risk Management Summary
Security and Risk Management Test Prep pt.1
Security and Risk Management Test Prep pt.2
Security and Risk Management Test Prep pt.3
Security and Risk Management Test Prep pt.4

Module 2: Asset Security

Module 2 Notes
Asset Secutity pt.1
Asset Security pt.2
Asset Security Summary
Asset Security Test Prep

Module 3: Security Architecture and Engineering

Module 3 Notes
Security Architecture and Engineering pt.1
Security Architecture and Engineering pt.2
Security Architecture and Engineering pt.3
Security Architecture and Engineering Summary
Security Architecture and Engineering Test Prep pt.1
Security Architecture and Engineering Test Prep pt.2
Security Architecture and Engineering Test Prep pt.3

Module 4: Communication and Network Security

Module 4 Notes
Communication and Network Security pt.1
Communication and Network Security pt.2
Communication and Network Security Summary
Communication and Network Security Test Prep

Module 5: Identity and Access Management (IAM)

Module 5 Notes
Identity and Access Management (IAM)
Identity and Access Management (IAM) Summary
Identity and Access Management (IAM) Test Prep pt.1
Identity and Access Management (IAM) Test Prep pt.2
Identity and Access Management (IAM) Test Prep pt.3
Identity and Access Management (IAM) Test Prep pt.4

Module 6: Security Assessment and Testing

Module 6 Notes
Security Assessment and Testing
Security Assessment and Testing Summary
Security Assessment and Testing Test Prep

Module 7: Security Operations

Module 7 Notes
Security Operations pt.1
Security Operations pt.2
Security Operations pt.3
Security Operations pt.4
Security Operations Summary
Security Operations Test Prep

Module 8: Software Development Security

Module 8 Notes
Software Development Security pt.1
Software Development Security pt.2
Software Development Security pt.3
Software Development Security pt.4
Software Development Security pt.5
Software Development Security Summary
Software Development Security Test Prep
Outro

Module 1 Understanding Security Layers

Module 1 Notes
1.0 Security Fundamentals Instructor
1.1 Security Fundamentals Intro
1.2 Understanding Security Layers Part1
1.3 Understanding Security Layers Part2

Module 2 Authentication, Authorization, and Accounting

Module 2 Notes
2.0 Authentication, Authorization & Accounting Part1
2.1 Authentication, Authorization & Accounting Part2
2.2 Authentication, Authorization & Accounting Demo

Module 3 Understanding Security Policies

Module 3 Notes
3.0 Understanding Security Policies

Module 4 Understanding Network Security

Module 4 Notes
4.0 Understanding Network Security Part1
4.1 Understanding Network Security Part2

Module 5 Locking Down Server and Client

Module 5 Notes
5.0 Locking Down the Server and Client
5.1 Locking Down the Server and Client Part2

Module 6 Key Takeaways

Key Takeaway Notes
6.0 Key Take Aways Intro
6.1 Understanding Security Layers
6.2 Authentication Authorization and Accounting
6.3 Understanding Security Policies
6.4 Understanding Network Security
6.5 Security Fundamentals Part 2

Module 7 Terms to Know

Terms to Know Notes
7.0 Terms to Know Intro
7.1 Understanding Security Layers Terms
7.2 Authentication Authorization and Accounting Terms
7.3 Understanding Security Policies Terms
7.4 Understanding Network Security Terms
7.5 Locking Down Server and Client Terms

Module 1 – The Pen Test Engagement

Module 1 Notes
1.0 PenTest Plus Introduction
1.1 PenTest Plus Topics
1.2 PenTest Engagement
1.3 Threat Modeling
1.4 Technical Constraints
1.5 PenTest Engagement Review
1.6 Examining PenTest Engagement Documents Act

Module 2 – Passive Reconnaissance

Module 2 Notes
2.1 Passive Reconnaissance part1
2.2 WHOIS Act
2.3 Passive Reconnaissance part2
2.4 Google Hacking Act
2.5 Passive Reconnaissance part3
2.6 DNS Querying Act
2.7 Passive Reconnaissance part4
2.8 Email Server Querying Act
2.9 SSL-TLS Cerfificates
2.10 Shodan Act
2.11 The Havester
2.12 TheHarvester Act
2.13 Recon-ng
2.14 Recon-g Act
2.14 Recon-ng-Part-2-API-key Act
2.15 Maltego
2.16 Have I been Pwned
2.17 Punked and Owned Pwned Act
2.18 Fingerprinting Organization with Collected Archives
2.19 FOCA Act
2.20 Findings Analysis Weaponization
2.21 Chp 2 Review

Module 3 – Active Reconnaissance

Module 3 Notes
3.1 Active Reconnaissannce
3.2 Discovery Scans Act
3.3 Nmap
3.4 Nmap Scans Types Act
3.5 Nmap Options
3.6 Nmap Options Act
3.7 Stealth Scans
3.8 Nmap Stealth Scans Act
3.9 Full Scans
3.10 Full Scans Act
3.11 Packet Crafting
3.12 Packet Crafting Act
3.13 Network Mapping
3.14 Metasploit
3.15 Scanning with Metasploit Act
3.16 Enumeration
3.17 Banner Grabbing Act
3.18 Windows Host Enumeration
3.19 Winddows Host Enumeration Act
3.20 Linux Host Enumeration
3.21 Linux Host Enumeration Act
3.22 Service Enumeration
3.23 Service Enumeration Act
3.24 Network Shares
3.25 SMB Share Enumeration Act
3.26 NFS Network Share Enumeration
3.27 NFS Share Enumeration Act
3.28 Null Sessions
3.29 Null Sessions Act
3.30 Website Enumeration
3.31 Website Enumeration Act
3.32 Vulnerability Scans
3.33 Compliance Scans Act
3.34 Credentialed Non-credentialed Scans
3.35 Using Credentials in Scans Act
3.36 Server Service Vulnerability Scan
3.37 Vulnerability Scanning Act
3.38 Web Server Database Vulnerability Scan
3.39 SQL Vulnerability Scanning Act
3.40 Vulnerability Scan Part 2 OpenVAS Act
3.41 Web App Vulnerability Scan
3.42 Web App Vulnerability Scanning Act
3.43 Network Device Vulnerability Scan
3.44 Network Device Vuln Scanning Act
3.45 Nmap Scripts
3.46 Using Nmap Scripts for Vuln Scanning Act
3.47 Packet Crafting for Vulnerbility Scans
3.48 Firewall Vulnerability Scans
3.49 Wireless Access Point Vunerability
3.50 Wireless AP Scans Act
3.51 WAP Vulnerability Scans
3.52 Container Security issues
3.53 How to Update Metasploit Pro Expired Trial License

Module 4 – Physical Security

Module 4 Notes
4.1 Physical Security
4.2 Badge Cloning Act
4.3 Physical Security Review

Module 5 – Social Engineering

Module 5 Notes
5.1 Social Engineering
5.2 Using Baited USB Stick Act
5.3 Using Social Enginnering to Assist Attacks
5.4 Phishing Act
5.5 Social Engineering Review

Module 6 – Vulnerability Scan Analysis

Module 6 Notes
6.1 Vulnerbility Scan Analysis
6.2 Validating Vulnerability Scan Results Act
6.3 Vulnerbility Scan Analysis Review

Module 7 – Password Cracking

Module 7 Notes
7.1 Password Cracking
7.2 Brute Force Attack Against Network Service Act
7.3 Network Authentication Interception Attack
7.4 Intercepting Network Authentication Act
7.5 Pass the Hash Attacks
7.6 Pass the Hash Act
7.7 Password Cracking Review

Module 8 – Penetrating Wired Networks

Module 8 Notes
8.1 Penetrating Wired Network
8.2 Sniffing Act
8.3 Eavesdropping
8.4 Eavesdropping Act
8.5 ARP Poisoning
8.6 ARP Poisoning Act
8.7 Man In The Middle
8.8 MITM Act
8.9 TCP Session HiJacking
8.10 Server Message Blocks SMB Exploits
8.11 SMB Attack Act
8.12 Web Server Attacks
8.13 FTP Attacks
8.14 Telnet Server Attacks
8.15 SSH Server Attacks
8.16 Simple Network Mgmt Protocol SNMP
8.17 Simple Mail Transfer Protocol SMTP
8.18 Domain Name System DNS Cache Poisoning
8.19 Denail of Service Attack DoS-DDoS
8.20 DoS Attack Act
8.21 VLAN Hopping Review

Module 9 – Penetrating Wireless Networks

Module 9 Notes
9.1 Penetrating Wireless Networks
9.2 Jamming Act
9.3 Wireless Sniffing
9.4 Replay Attacks
9.5 WEP Cracking Act
9.6 WPA-WPA2 Cracking
9.7 WAP Cracking Act
9.8 Evil Twin Attacks
9.9 Evil Twin Attack Act
9.10 WiFi Protected Setup
9.11 Bluetooth Attacks
9.12 Penetrating Wireless Networks

Module 10 – Windows Exploits

Module 10 Notes
10.1 Windows Exploits
10.2 Dumping Stored Passwords Act
10.3 Dictionary Attacks
10.4 Dictionary Attack Against Windows Act
10.5 Rainbow Table Attacks
10.6 Credential Brute Force Attacks
10.7 Keylogging Attack Act
10.8 Windows Kernel
10.9 Kernel Attack Act
10.10 Windows Components
10.11 Memory Vulnerabilities
10.12 Buffer Overflow Attack Act
10.13 Privilegde Escalation in Windows
10.14 Windows Accounts
10.15 Net and WMIC Commands
10.16 Sandboxes

Module 11 – Linux Exploits

Module 11 Notes
11.1 Linux Exploits
11.2 Exploiting Common Linux Features Act
11.3 Password Cracking in Linux
11.4 Cracking Linux Passwords Act
11.5 Vulnerability Linux
11.6 Priviledge Escalation Linux
11.7 Linux Accounts
11.8 Linux Exploits Review

Module 12 – Mobile Devices

Module 12 Notes
12.1 Mobile Devices
12.2 Hacking Android Act
12.3 Apple Exploits
12.4 Moblie Devices Review

Module 13 – Specialized Systems

Module 13 Notes
13.1 Specialized Systems
13.2 Specialized Systems Review

Module 14 – Scripts

Module 14 Notes
14.1 Scripts
14.2 Powershell
14.3 Python
14.4 Ruby
14.5 Common Scripting Elements
14.6 Scripts Review
14.7 Better Ping Sweep
14.8 Simple Port Scanner2
14.9 Multitarget Port Scanner
14.10 Port Scanner with Nmap
14.11 Scripts Review

Module 15 – Application Testing

Module 15 Notes
15.1 Application Testing
15.2 Reverse Engineering

Module 16 – Web App Exploits

Module 16 Notes
16.1 Webb App Exploits
16.2 Injection Attacks
16.3 HTML Injection
16.4 SQL Hacking – SQLmap Act
16.5 Cross-Site Attacks
16.6 Cross-Site Request Forgery
16.7 Other Web-based Attacks
16.8 File Inclusion Attacks
16.9 Web Shells
16.10 Web Shells Review

Module 17 – Lateral Movement

Module 17 Notes
17.1 Lateral Movement
17.2 Lateral Movement with Remote Mgmt Services
17.3 Process Migration Act
17.4 Passing Control Act
17.5 Pivoting
17.6 Tools the Enable Pivoting
17.7 Lateral Movement Review

Module 18 – Persistence

Module 18 Notes
18.1 Persistence
18.2 Breeding RATS Act
18.3 Bind and Reverse Shells
18.4 Bind Shells Act
18.5 Reverse Shells
18.6 Reverse Shells Act
18.7 Netcat
18.8 Netcat Act
18.9 Scheduled Tasks
18.10 Scheduled Tasks Act
18.11 Services and Domains
18.12 Persistence Review

Module 19 – Cover Your Tracks

Module 19 Notes
19.1 Cover Your Tracks
19.2 Cover Your Tracks – Timestomp Files Act
19.3 Cover Your Tracks – Frame the Administrator Act
19.4 Cover Your Tracks – Clear the Event Log Act
19.5 Cover Your Tracks Review

Module 20 – The Report

Module 20 Notes
20.1 The Report
20.2 The Report Review

Module 21 – Post Engagement Cleanup

Module 21 Notes
21.1 Post Engagement Cleanup_1
21.3 Post Engagement Cleanup Review
21.4 PenTest Plus Conclusion.mp4

Module 1 – Risk Management

Module 1 Notes
Intro CASP
CASP Introduction
Mod 1.1 Exploring Cloud Services Act
Mod 1.1 Acquisition Merger Demerger
Mod 1.1 Acquisition Merger Demerger Part2
Mod 1.2 Compare and Contrast
Mod 1.3 Given Scenario Execute Risk
Mod 1.3 Given Scenario Execute Risk Part2
Mod 1.3 Continuing Terminology IT Governance
Mod 1.4 Analyze Security Solution Metrics and Attributes
Mod 1.4 Analyze Risk
Mod 1.4 Trend Analysis Act

Module 2 – Enterprise Security Architecture

Module 2 Notes
Mod 2 Enterprise Security Architecture
Mod 2.1 Network Device Security Act
Mod 2.1 Application and Protocol
Mod 2.1 Advanced Network Security Act
Mod 2.1 Complex Network Security Solution
Mod 2.1 Implementing VLANs Switchport Sec Act
Mod 2.1 Implementing VLANs Switchport Sec Act Part2
Mod 2.1 Distributed Denial of Service
Mod 2.1 Exploring DoS Attacks Act
Mod 2.1 Security Zones
Mod 2.1 Network Access Control
Mod 2.1 Searching for Vulnerablie ICS-SCADA Act
Mod 2.2 Analyze a Scenario Integrate Security
Mod 2.2 Configuring Windows Firewall Act
Mod 2.2 Log Monitoring and Auditing
Mod 2.2 Group Policy Act
Mod 2.2 Patch Management
Mod 2.2 Management Interface
Mod 2.2 Measured Launch
Mod 2.3 Analyze a Scenario to Integrate Security Controls
Mod 2.3 Security Implications Privacy
Mod 2.3 Baseband
Mod 2.4 Given Software Vulnerabilty Scenarios
Mod 2.4 SQL Injection Act
Mod 2.4 Improper Error and Exception Handling
Mod 2.4 Buffer Overflows Act
Mod 2.4 Memory Leaks
Mod 2.4 Researching Vulnerabilities Exploits Act

Module 3 – Enterprise Security Operations

Module 3 Notes
Mod 3 Enterprise Security Operations
Mod 3 Runtime Debugging
Mod 3.1 Fingerprinting an OS Services Act
Mod 3.1 Code Review
Mod 3.1 Conducting OSINT Act
Mod 3.1 Types
Mod 3.1 Conducting a Vulnerability Assessment Act
Mod 3.2 Analyze a Scenario Output
Mod 3.2 Network Sniffing Act
Mod 3.2 Security Content Automation
Mod 3.2 Using a SCAP Scanner Act
Mod 3.2 Network Enumerator
Mod 3.2 Password Cracking Act
Mod 3.2 Host Vulnerability Scanner
Mod 3.2 Using Command Line Tools Act
Mod 3.2 OpenSSL
Mod 3.2 Scanning for Heartbleed Act
Mod 3.2 Local Exploitation Tools
Mod 3.2 Verifying File Integrity with SFC Act
Mod 3.2 Log Analysis Tools
Mod 3.3 Given Scenario Implement Incident
Mod 3.3 Facilitate Incident Detection Response
Mod 3.3 Using Incident Response Support Tools Act
Mod 3.3 Severity of Incident Detection Breach

Module 4 – Technical Integration of Enterprise Security

Module 4 Notes
Mod 4 Technical Integration of Enterprise
Mod 4 Technical Integration of Enterprise Part2
Mod 4.1 DataSecurity Considerations
Mod 4.1 Examing Network Diagrams Act
Mod 4.1 Security and Privacy Considerations of Storage integration
Mod 4.1 Exploring Directory Services and DNS Act
Mod 4.2 Given Scenario Integrate Cloud and Virtualization
Mod 4.2 Taking Another Look at Cloud Services Act
Mod 4.2 Security Advantages and Disadvanatges of Virtualization
Mod 4.2 Using Virtualization Act
Mod 4.2 Cloud Augmented Security
Mod 4.3 Given Scenario Integrate and Troubleshoot Advanced Authentication
Mod 4.4 Given Scenario Cryptographic
Mod 4.4 Cryptographic Part2
Mod 4.4 Mobile Device Encryption
Mod 4.4 Cryptography Act
Mod 4.5 Select the Appropriate Control
Mod 4.5 Phising Act
Mod 4.5 Telephony VoIP Integration

Module 5 – Research, Development and Collaboration

Module 5 Notes
Mod 5 Research Methods to Determine Industry Trends
Mod 5.1 Practicing Threat Intelligence Act
Mod 5.2 Scenario Implememt Security Activities Across
Mod 5.2 Static Testing
Mod 5.3 Explain the Importance of Interaction
CASP Conclusion

Module 1 – The Audit Process

Introduction
Audit Process
Auditing Standards
Auditing Guidelines
Cobit Model
Audit Management
Internal Control Classifications
Planning
Program
Evidence
Audit Control Evaluation
CSA Control Self-Assessment

Module 2 – Audit Governance and Compliance

IT Governance
Governance & Security Policies
Outsourcing & Governance
Outsourcing & Globalization
Organizational Compliance
IT Strategy
IT Performance

Module 3 – System Infrastructure, Project Management, and Testing

System & Infrastructure
Requirements
Project Management Tools – Part 1
Project Management Tools – Part 2
Applications
Agile Development
Monitoring & Controlling
Acquisition Process
Testing Process
Information Systems Maintenance Practices
Data Conversion Tools

Module 4 – Media Disposal, Reviews, and System Maintenance

Media Disposal Process
Post Implementation Review
Periodic Review
System Maintenance

Module 5 – IT Service Level Management

IT Service Delivery and Support
How to Evalutate Service Level Management Practices
Operations Management
Databases
Structured Query Language (SQL)
Monitoring Performance
Source Code and Perfomance Monitoring
Patch Management
Incident Management
Hardware Component Types
Network Component Types

Module 6 – Auditor Technical Overview

IS Auditor Technical Overview
Security Design
Monitoring Systems
Types of Attacks
Cryptography
Encryption
Asymmetric Encryption
Digital Certificate
Different Kinds of Attacks
Access Controls
Identification and Authenication
Physical Access Exposure
Environmental Security
Network Security Devices and Network Components
Network Address Translation
Virtual Private Networks (VPNs)
Voice System Risks
Intrusion Detection
Firewalls
Firewall Implementation
Network Access Protection
HoneyPot
Risks to Portable and Wireless Devices
Bluetooth
OSI Networking
Managing Data

Module 7 – Business Continuity and Disaster Recovery

Business Continuity and Disaster Recovery
Fault Tolerance
Business Continuity and Disaster Recovery Regulations

This course is included in all of our team and individual training plans. Choose the option that works best for you.

[ Team Training ]

Enroll My Team.

Give your entire team access to this course and our full training library. Includes team dashboards, progress tracking, and group management.

Get Team Pricing

[ Individual Plans ]

Choose a Plan.

Get unlimited access to this course and our entire library with a monthly, quarterly, annual, or lifetime plan.

View Individual Plans

[ FAQ ]

Frequently Asked Questions.

What are the key skills I will learn in the Ethical Hacking module of the Cybersecurity Master Certification?

The Ethical Hacking module focuses on teaching students how to think like an attacker to identify vulnerabilities within IT systems. You will learn techniques for evading intrusion detection systems (IDS), bypassing firewalls, and detecting honeypots.

These skills are essential for understanding how malicious actors exploit security measures, allowing you to develop more effective defense strategies. The course emphasizes practical knowledge, including hands-on exercises that simulate real-world attack scenarios, helping you build both offensive and defensive cybersecurity skills.

Does this training cover the latest cybersecurity threats and attack techniques?

Yes, the Cybersecurity Master Certification Training Bundle is regularly updated to include the latest cybersecurity threats, attack vectors, and defense mechanisms. The Ethical Hacking module, in particular, covers current techniques used by cybercriminals to evade detection and compromise systems.

This ensures that you are learning relevant, real-world skills that are applicable to contemporary cybersecurity challenges. Staying current with evolving attack methods is crucial for effective cybersecurity professionals, and this course aims to equip you with that knowledge.

What is the significance of understanding how to evade IDS, firewalls, and honeypots in cybersecurity?

Understanding how to evade security measures like IDS, firewalls, and honeypots is critical because it provides insight into their limitations and weaknesses. This knowledge enables cybersecurity professionals to design more resilient security architectures and develop better detection and response strategies.

Moreover, it helps ethical hackers and security analysts anticipate attacker tactics, techniques, and procedures (TTPs), allowing them to proactively identify vulnerabilities before malicious actors do. This proactive approach is essential for maintaining a strong security posture in any organization.

Can I expect practical, hands-on training in this Cybersecurity Master Certification course?

Absolutely. The course emphasizes practical, hands-on learning through simulated attack scenarios, labs, and exercises that replicate real-world cybersecurity challenges. You will practice evading security tools, analyzing attack methods, and implementing defensive measures.

This experiential approach is designed to reinforce theoretical knowledge and develop your skills in a controlled environment. By the end of the course, you should be confident in applying these techniques to protect systems and respond effectively to security incidents.

Is this course suitable for beginners or do I need prior cybersecurity experience?

This course is suitable for individuals with some foundational knowledge of networking and cybersecurity concepts. While it is designed to be comprehensive, having prior experience with basic security principles can help you grasp advanced topics more quickly.

If you are a complete beginner, it is recommended to familiarize yourself with fundamental cybersecurity concepts and networking basics before enrolling. The course content is structured to progressively build your skills, from basic understanding to advanced attack and defense techniques.

Ready to start learning?

Individual Plans →Team Plans →

Cybersecurity Master Certification Training Bundle

What this cybersecurity certification training bundle is really built to do

ethical hacking: evading ids, firewalls, and honeypots [author] videos and the attacker mindset

Reconnaissance, footprinting, and the first mistakes attackers make

Session hijacking, web behavior, and why identity is a security perimeter

Network security, cloud security, database security, and control design

Security+™, CISSP®, CISM®, CISA®, CASP, and how the bundle supports certification goals

Risk management and project-level security thinking

Prerequisites, who should take this training, and what kind of background helps

Where this training can take your career next

CompTIA Security+ SY0-701 Course Content

CompTIA Cybersecurity Analyst CySA+ (CS0-003) Course Content

Certified Ethical Hacker (CEH) v12 Course Content

Certified Ethical Hacker (CEH) Version 11 Part 3: Advanced Ethical Hacker (ECC 312-50) Course Content

Certified Ethical Hacker (CEH) Version 11 Part 2: Ethical Hacker (ECC 312-50) Course Content

Certified Ethical Hacker (CEH) Version 11 Part 1: Foundations (ECC 312-50) Course Content

Certified Information Security Manager (CISM) Course Content

CompTIA Linux+ (XK0-004) Course Content

Certified Information Systems Security Professional (CISSP) Course Content

Microsoft 98-367 MTA Security Fundamentals Course Content

CompTIA PenTest+ (PT0-001) Course Content

CompTIA Advanced Security Practitioner (CASP) CAS-003 Course Content

Certified Information Systems Auditor (CISA) Course Content

Enroll My Team.

Choose a Plan.

Frequently Asked Questions.