Certified Ethical Hacker Career Path - ITU Online

Your Last Chance for Lifetime Learning!  Elevate your skills forever with our All-Access Lifetime Training. 
Only $249! Our Lowest Price Ever!

Days
Hours
Minutes
Seconds

Certified Ethical Hacker
Career Path

4.6/5
$51.60

Learn to combat the bad actors in this Certified Ethical Hacker career path training. This advanced training series teaches you the skills needed to detect vulnerabilities and weaknesses in computer systems and networks, using the same knowledge and tools as a malicious hacker, but in a lawful and legitimate manner. 

This Ethical Hacker Career Path Features

Total Hours
126  Training Hours
Certified Ethical Hacker Career Path
804 On-demand Videos
Closed Caption

Closed Captions

Course Topics
120  Topics
Prep Questions
320 Prep Questions
Certified Ethical Hacker Career Path

Certificate of Completion

Ethical Hacker Career Path

Embark on a journey to mastering ethical hacking with our in-depth training series! Tailored for those aiming to become Certified Ethical Hackers, this series offers a blend of theoretical knowledge and practical skills. Whether you’re looking to enhance your cybersecurity expertise, delve into advanced penetration testing, or achieve EC-Council’s CEH certification, our expert-led courses have you covered. Perfect for IT security professionals, system administrators, and anyone passionate about defending cyberspace. Enroll today and equip yourself with the tools and techniques to thrive in the ever-evolving landscape of ethical hacking!

The Role of A Certified Ethical Hacker

Certified Ethical Hackers play a crucial role in safeguarding information systems by simulating cyber attacks to identify vulnerabilities. 

 

Their duties typically include:

 

  • Conducting Vulnerability Assessments: Scanning systems and networks to identify and report security vulnerabilities.
  • Performing Penetration Testing: Simulating cyber attacks on systems, networks, and applications to evaluate their security.
  • Analyzing Security Policies: Reviewing and suggesting improvements to existing security policies and procedures.
  • Ensuring Compliance with Security Standards: Ensuring systems comply with security standards like ISO 27001, HIPAA, or PCI-DSS.
  • Reporting and Documentation: Documenting the findings from security assessments and suggesting remediation strategies.
  • Developing Security Solutions: Creating and implementing security solutions to defend against cyber threats.
  • Educating and Training Staff: Conducting training sessions for staff on security awareness and best practices.
  • Staying Updated with Latest Threats: Keeping abreast of the latest cybersecurity trends, threats, and countermeasures.
  • Incident Handling and Response: Responding to and investigating security breaches or incidents.
  • Collaborating with IT Teams: Working closely with IT teams to ensure secure network architecture and system configurations.

Your Learning Path

Start Here

Course: 1 - Estimated 4 Week(s) To Complete
1
Certified Ethical Hacker (CEH) Version 11 Part 1: Foundations (ECC 312-50) Course Content
24 Hours 03 Minutes 113 Videos 30 Prep Questions
This course lays the essential groundwork for aspiring ethical hackers, introducing the fundamental concepts of cybersecurity and ethical hacking. It provides the necessary base upon which more advanced skills are built, ensuring a solid understanding of the ethical and legal aspects of hacking.

Module 1 - CEH v11 Foundations Course Introduction
   1.1 About this course: CEH Foundations
   1.2 About the Instructor

Module 2 - CEH v11 Introduction To Networking
   2.1 Networking Overview
   2.2 Network Scope
   2.3 Network Addressing
   2.4 Activity - Examining Network Addressing

Module 3 - CEH v11 Lan Components
   3.1 Protocols, Ports, Sockets
   3.2 Network Topologies
   3.3 LAN Devices
   3.4 LAN Devices Part 2
   3.5 VLANs
   3.6 Activity - Examining Ports and Sockets
   3.7 Activity - Examining Switches and VLANs

Module 4 - CEH v11 Routing and Network Access
   4.1 Routers
   4.2 Layer 3 Switches
   4.3 Modems and Remote Access
   4.4 Firewalls and Proxies
   4.5 Activity - Examining Routing
   4.6 Activity - Examining VLAN Routing
   4.7 Activity - Examining Firewall Rules

Module 5 - CEH v11 Intrusion Detection and Network Layers
   5.1 IDS and IPS
   5.2 OSI Model
   5.3 TCP-IP
   5.4 Activity - Examining Network Layers

Module 6 - CEH v11 Networking Protocols and Addressing
   6.1 Layer 4 Protocols
   6.2 Layer 3 Protocols
   6.3 Layer 2 Protocols
   6.4 IP Addressing
   6.5 Subnetting
   6.6 DHCP
   6.7 Activity - Examining TCP
   6.8 Activity - Examining UDP
   6.9 Activity - Examining IP
   6.10 Activity - Examining ICMP
   6.11 Activity - Examining ARP

Module 7 - CEH v11 Network Services
   7.1 DNS
   7.2 DNS Records
   7.3 NTP
   7.4 Authentication
   7.5 Biometrics
   7.6 Activity - Examining DNS
   7.7 Activity - Examining DNS Records

Module 8 - CEH v11 Access Control
   8.1 Local Authentication
   8.2 Directory Service Authentication
   8.3 Extending Authentication
   8.4 Authorization
   8.5 Activity - Testing Access Control

Module 9 - CEH v11 Intro to Linux
   9.1 Linux Overview
   9.2 Linux File System
   9.3 Linux Core Commands
   9.4 Linux Search and Read Commands
   9.5 Activity - Exploring Linux
   9.6 Activity - Using Linux Core Commands
   9.7 Activity - Using Linux Search Commands
   9.8 Activity - Using Linux Read Commands

Module 10 - CEH v11 Configuring Linux
   10.1 Linux File Permissions
   10.2 Linux Special Permissions
   10.3 Linux Configuration
   10.4 Linux Packages
   10.5 Linux User Management

Module 11 - CEH v11 Practicing Linux Configuration
   11.1 Activity - Setting Linux Permissions
   11.2 Activity - Setting Linux Special Permissions
   11.3 Activity - Managing Packages in Kali Linux
   11.4 Activity - Managing Users and Groups in Linux

Module 12 - CEH v11 Managing Linux
   12.1 Linux Job Scheduling
   12.2 Linux File, Directory, and Download Commands
   12.3 Linux System Commands
   12.4 Linux Network Management
   12.5 Linux Firewall

Module 13 - CEH v11 Practicing Linux Management
   13.1 Activity - Scheduling Tasks in Linux
   13.2 Activity - Using Linux File, Directory, and Download Commands
   13.3 Activity - Using Linux Edit and Archive Commands
   13.4 Activity - Compiling Malicious Code
   13.5 Activity - Using Linux Process and System Commands
   13.6 Activity - Using Linux Disk, Hardware, and Network Commands

Module 14 - CEH v11 Intro to Windows
   14.1 Windows Overview
   14.2 Windows Registry
   14.3 Windows Security

Module 15 - CEH v11 Windows Commands
   15.1 Windows Commands
   15.2 Windows Admin Commands
   15.3 Windows Network Commands
   15.4 Windows Run Line Commands
   15.5 Windows PowerShell

Module 16 - CEH v11 Practicing Windows Commands
   16.1 Activity - Using Windows Built-in Commands
   16.2 Activity - Using Windows Task Commands
   16.3 Activity - Using Windows Admin Commands
   16.4 Activity - Using Windows Network Commands
   16.5 Activity - Using Windows PowerShell
   16.6 Networking and OS Penetration Testing
   16.7 Review

Module 17 - CEH v11 Intro to Hacking
   17.1 Information Security Overview
   17.2 Hacking Concepts
   17.3 Ethical Hacking Concepts
   17.4 Penetration Testing
   17.5 Penetration Testing Part 2
   17.6 Activity - Performing a Static Code Review

Module 18 - CEH v11 Information Security
   18.1 Cyber Kill Chain Concepts
   18.2 Activity - Performing Weaponization
   18.3 Information Security
   18.4 Security Policies
   18.5 Security Controls
   18.6 Access Control

Module 19 - CEH v11 Protecting Data
   19.1 Data Protection
   19.2 Backup Sites
   19.3 Vulnerability Management
   19.4 SIEM
   19.5 Risks

Module 20 - CEH v11 Managing Risk
   20.1 Risk Management
   20.2 Incident Handling
   20.3 Information Security Laws and Standards
   20.4 Activity - Assessing Risk
   20.5 Ethical Hacking Penetration Testing
   20.6 Review
   20.7 Conclusion

Course: 2 - Estimated 3 Week(s) To Complete
2
Certified Ethical Hacker (CEH) Version 11 Part 2: Ethical Hacker (ECC 312-50) Course Content
22 Hours 15 Minutes 180 Videos 34 Prep Questions
Building on the foundations, this course dives into the core practices of ethical hacking, focusing on penetration testing and vulnerability assessment techniques. It equips learners with practical skills to identify and exploit system weaknesses, a critical step in developing real-world cybersecurity expertise.

Module 21 - CEH v11 Ethical Hacker Course Intro
   21.1 About this course - Ethical Hacker
   21.2 About the Instructor

Module 22 - CEH v11 Intro to Footprinting
   22.1 Footprinting Concepts
   22.2 Footprinting Methodology
   22.3 OSINT Tools
   22.4 Advanced Google Search
   22.5 Whois Footprinting
   22.6 Activity - Performing a Whois Lookup

Module 23 - CEH v11 Footprinting Network Services
   23.1 DNS Footprinting
   23.2 Website Footprinting
   23.3 Email Footprinting
   23.4 Network Footprinting
   23.5 Footprinting through Social Networking Sites

Module 24 - CEH v11 Defend Against Footprinting
   24.1 Competitive Intelligence Gathering
   24.2 Footprinting Countermeasures
   24.3 Footprinting Penetration Testing
   24.4 Review

Module 25 - CEH v11 Intro to Scanning
   25.1 Scanning Concepts
   25.2 ICMP Discovery Scans
   25.3 Other Discovery Scans

Module 26 - CEH v11 Port Scanning
   26.1 Ports
   26.2 TCP Flags and Handshakes
   26.3 TCP Scan Types
   26.4 Other Scanning Techniques

Module 27 - CEH v11 Vulnerability Scanning
   27.1 Banner Grabbing
   27.2 Vulnerability Scanning
   27.3 SSDP Scanning

Module 28 - CEH v11 NMAP
   28.1 Nmap
   28.2 Common Nmap Scans
   28.3 Nmap Options
   28.4 Nmap Stealth Scans
   28.5 Hping and Other Scanners

Module 29 - CEH v11 Firewalls and Intrusion Detection
   29.1 Firewall Types
   29.2 Firewall Features
   29.3 Firewall Features Part 2
   29.4 Firewall Configurations
   29.5 Intrusion Detection and Prevention

Module 30 - CEH v11 Evading Detection
   30.1 Firewall and IDS Evasion
   30.2 Firewall and IDS Evasion Part 2
   30.3 Firewalking
   30.4 Probing a Firewall
   30.5 Probing a Firewall Part 2

Module 31 - CEH v11 Proxies and VPNs
   31.1 Proxies
   31.2 VPNs
   31.3 Tor
   31.4 Scanning Countermeasures
   31.5 Scanning Penetration Testing
   31.6 Review

Module 32 - CEH v11 Accessing Vulnerability
   32.1 Vulnerability Assessment Overview
   32.2 Vulnerability Scoring Systems
   32.3 Vulnerability Assessment Tools

Module 33 - CEH v11 Vulnerability Research
   33.1 Scanner Output and Reports
   33.2 Vulnerability Research
   33.3 Review

Module 34 - CEH v11 Intro to Enumeration
   34.1 Enumeration Concepts
   34.2 Enumeration Techniques and Tools
   34.3 Service and Application Enumeration
   34.4 SMB and NetBIOS Enumeration

Module 35 - CEH v11 Service Enumeration
   35.1 SNMP Enumeration
   35.2 LDAP Enumeration
   35.3 DNS Enumeration
   35.4 SMTP Enumeration
   35.5 NTP Enumeration

Module 36 - CEH v11 Advanced Enumeration
   36.1 Remote Connection Enumeration
   36.2 File Transfer Enumeration
   36.3 VoIP Enumeration
   36.4 IPSEC Enumeration
   36.5 IPv6 Enumeration
   36.6 BGP Enumeration

Module 37 - CEH v11 Command Line Enumeration
   37.1 Windows Command Line Enumeration
   37.2 Linux Command Line Enumeration
   37.3 Linux Command Line Enumeration Part 2

Module 38 - CEH v11 Defending Against Enumeration
   38.1 Enumeration Countermeasures
   38.2 Enumeration Countermeasures Part 2
   38.3 Enumeration Penetration Testing
   38.4 Review

Module 39 - CEH v11 Intro to System Hacking
   39.1 System Hacking Concepts
   39.2 System Hacking Tools and Frameworks
   39.3 Searchsploit
   39.4 Compiling and Running Exploits

Module 40 - CEH v11 System Hacking with Metasploit
   40.1 Metasploit
   40.2 Metasploit Search
   40.3 Metasploit Exploits and Payloads
   40.4 Metasploit Meterpreter
   40.5 Metasploit Connectivity
   40.6 Metasploit Impersonation and Migration

Module 41 - CEH v11 Further Attacking a Compromised System
   41.1 Netcat
   41.2 Pivoting
   41.3 Netcat Relays
   41.4 Metasploit Post Exploitation Modules
   41.5 Common Operating System Exploits

Module 42 - CEH v11 Hacking an Operating System
   42.1 Hacking Windows
   42.2 Hacking Linux
   42.3 Network Service Exploits
   42.4 Password Attacks

Module 43 - CEH v11 Password Cracking Overview
   43.1 Dictionary Attack
   43.2 Brute Force Attack
   43.3 Password Spraying
   43.4 Rainbow Tables

Module 44 - CEH v11 Performing Password Attacks
   44.1 Network Service Password Attacks
   44.2 Password Cracking Tools
   44.3 Online Password Cracking Sites
   44.4 Windows Password Cracking
   44.5 Linux Password Cracking
   44.6 Other Methods for Obtaining Passwords

Module 45 - CEH v11 Using Exploits
   45.1 Keylogging
   45.2 Spyware
   45.3 Rootkits
   45.4 Buffer Overflows
   45.5 Privilege Escalation
   45.6 Hiding Files

Module 46 - CEH v11 Hiding Information
   46.1 Alternate Data Streams
   46.2 Steganography
   46.3 Creating and Maintaining Remote Access
   46.4 Hiding Evidence

Module 47 - CEH v11 Covering Tracks
   47.1 Covering Tracks in Windows
   47.2 Covering Tracks in Linux
   47.3 System Hacking Counter-Measures
   47.4 System Hacking Penetration Testing
   47.5 Review

Module 48 - CEH v11 Malware Overview
   48.1 Intro to Malware
   48.2 Virus Overview
   48.3 Virus Types
   48.4 Self-Hiding Viruses
   48.5 Worms
   48.6 Trojans
   48.7 Trojan Types
   48.8 RATS

Module 49 - CEH v11 Hacking With Malware
   49.1 Ransomware
   49.2 Botnets
   49.3 Covert Channel Trojans
   49.4 Banking Trojans
   49.5 Rootkits

Module 50 - CEH v11 Creating Malware
   50.1 Other Malware
   50.2 Malware Makers
   50.3 Dropper and Stage Creation
   50.4 Exploit Kits

Module 51 - CEH v11 Detecting Malware
   51.1 Malware Detection
   51.2 Malware Detection Part 2
   51.3 Malware Analysis

Module 52 - CEH v11 Defending Against Malware
   52.1 Malware Reverse Engineering
   52.2 Malware Countermeasures
   52.3 Malware Penetration Testing
   52.4 Review

Module 53 - CEH v11 Sniffing
   53.1 Sniffing Concepts
   53.2 Types of Sniffing
   53.3 Sniffing Protocols
   53.4 Sniffing Tools

Module 54 - CEH v11 Spoofing and MITM
   54.1 ARP
   54.2 ARP Spoofing
   54.3 MITM
   54.4 MAC Attacks
   54.5 MAC Spoofing
   54.6 DHCP Attacks

Module 55 - CEH v11 Defending Against Poisoning and Sniffing
   55.1 Name Resolution Poisoning
   55.2 VLAN Hopping
   55.3 Sniffing Counter Measures
   55.4 Sniffing Penetration Testing
   55.5 Review

Module 56 - CEH v11 Social Engineering
   56.1 Social Engineering Concepts
   56.2 Social Engineering Techniques
   56.3 Social Engineering Examples
   56.4 Social Engineering Tools

Module 57 - CEH v11 Defending Against Social Engineering
   57.1 Social Media
   57.2 Identity Theft
   57.3 Insider Threats
   57.4 Social Engineering Countermeasures
   57.5 Social Engineering Penetration Testing
   57.6 Review

Module 58 - CEH v11 Denial-of-Service
   58.1 DoS-DDoS Concepts
   58.2 Volumetric Attacks
   58.3 Fragmentation Attacks
   58.4 State Exhaustion Attacks
   58.5 Application Layer Attacks

Module 59 - CEH v11 Advanced DoS Attacks
   59.1 Protocol Attacks
   59.2 Other Attacks
   59.3 Botnets

Module 60 - CEH v11 Defending Against Denial-of-Service
   60.1 DoS-DDoS Attack Tools
   60.2 DoS-DDoS Countermeasures
   60.3 Dos Penetration Testing
   60.4 Review

Course: 3 - Estimated 4 Week(s) To Complete
3
Certified Ethical Hacker (CEH) Version 11 Part 3: Advanced Ethical Hacker (ECC 312-50) Course Content
24 Hours 01 Minutes 189 Videos 36 Prep Questions
This advanced course takes learners deeper into the world of ethical hacking, covering sophisticated attack strategies and defense mechanisms. It's designed to refine the skills of participants, preparing them for complex security challenges and enhancing their problem-solving abilities in cybersecurity.

Module 61 - CEH v11 Advanced Ethical Hacker Course Intro
   61.1 About This Course: Advanced Ethical Hacker
   61.2 About the Instructor

Module 62 - CEH v11 Session Hjacking
   62.1 Session Hijacking Concepts
   62.2 Token-based Authentication
   62.3 Compromising a Session Token
   62.4 XSS
   62.5 CSRF
   62.6 Other Attacks

Module 63 - CEH v11 Defending Against Hijacking
   63.1 Network Level Hijacking
   63.2 Session Hijacking Tools
   63.3 Session Hijacking Countermeasures
   63.4 Session Penetration Hijacking
   63.5 Review

Module 64 - CEH v11 Implementing Intrusion Detection
   64.1 IDS-IPS
   64.2 Snort
   64.3 Snort Rules
   64.4 Syslog

Module 65 - CEH v11 Testing Intrusion Detection
   65.1 WIPS
   65.2 IDS Considerations
   65.3 IDS Tools
   65.4 IDS Evasion
   65.5 IDS-Firewall Evasion Tools
   65.6 IDS Scenerios

Module 66 - CEH v11 Implementing Firewalls
   66.1 Firewalls
   66.2 Packet Filtering Rules
   66.3 Firewall Deployments
   66.4 Traffic Flow through Firewalls
   66.5 Split DNS

Module 67 - CEH v11 Testing Firewallls
   67.1 Firewall Tools
   67.2 Firewall Evasion
   67.3 Firewall Scenarios

Module 68 - CEH v11 Implementing Honeypots
   68.1 Honeypots
   68.2 Honeypot Detection
   68.3 IDS-Firewall Evasion Countermeasures
   68.4 IDS-Firewall Honeypot Penetration Testing
   68.5 Review

Module 69 - CEH v11 Attacker Webserver
   69.1 Webserver Security Overview
   69.2 Common Webservers
   69.3 Webserver Attacks
   69.4 Misconfiguration Attack Examples

Module 70 - CEH v11 Webserver Defense
   70.1 Webserver Attack Tools
   70.2 Attack Countermeasures
   70.3 Webserver Penetration Testing
   70.4 Review

Module 71 - CEH v11 Intro To Web Apps
   71.1 Web Application Concepts
   71.2 Attacking Web Apps

Module 72 - CEH v11 OWASP Top 5 Web App Vulnerabilities
   72.1 A01 - Broken Access Control
   72.2 A02 - Cryptographic Failures
   72.3 A03 - Injection
   72.4 A04 - Insecure Design
   72.5 A05 - Security Misconfiguration

Module 73 - CEH v11 OWASP Additional Web App Vulnerabilities
   73.1 A06 - Vulnerable and Outdated Components
   73.2 A07 - Identification and Authentication Failures
   73.3 A08 - Software and Data Integrity Failures
   73.4 A09 - Security Logging and Monitoring
   73.5 A10 - Server Side Request Forgery

Module 74 - CEH v11 Common Web App Attacks
   74.1 XSS Attacks
   74.2 CSRF
   74.3 Parameter Tampering
   74.4 Clickjacking
   74.5 SQL Injection

Module 75 - CEH v11 Unauthorized Access Through Web Apps
   75.1 Insecure Deserialization Attacks
   75.2 IDOR
   75.3 Directory Traversal
   75.4 Session Management Attacks
   75.5 Response Splitting

Module 76 - CEH v11 Web App Overflow Attacks
   76.1 Denial of Service
   76.2 Overflow Attacks
   76.3 XXE Attacks
   76.4 Soap Attacks
   76.5 Ajax Attacks

Module 77 - CEH v11 Defending Web Apps
   77.1 Web App Hacking Tools
   77.2 Web Hacking Countermeasures
   77.3 Web Application Penetration Testing
   77.4 Review

Module 78 - CEH v11 Intro To SQL Injection
   78.1 SQL Overview
   78.2 SQL Injection Concepts
   78.3 Basic SQL Injection

Module 79 - CEH v11 Performing SQL Injection
   79.1 Finding Vulnerable Websites
   79.2 Error-based SQL Injection
   79.3 Union SQL Injection
   79.4 Blind SQL Injection
   79.5 SQL Injection Scenarios
   79.6 Evading Detection

Module 80 - CEH v11 Defending Against SQL Injection
   80.1 SQL Injection Tools
   80.2 SQL Injection Countermeasures
   80.3 Safe Coding Examples
   80.4 SQL Wildcards
   80.5 SQL Injection Penetration Testing
   80.6 Review

Module 81 - CEH v11 Wireless Networking Overview
   81.1 Wireless Concepts
   81.2 Wireless Signal Encoding
   81.3 Wi-Fi Standards
   81.4 Wi-Fi Antennas
   81.5 Wireless Authentication

Module 82 - CEH v11 Wi-Fi Security
   82.1 Wi-Fi Security Standards
   82.2 Wireless Network Troubleshooting Tools
   82.3 Wi-Fi Discovery Tools
   82.4 Sniffing Wi-Fi

Module 83 - CEH v11 Hacking Wi-Fi
   83.1 Wi-Fi Attack Types
   83.2 Wi-Fi Rogue Access Point Attacks
   83.3 Wi-Fi Denial of Service Attacks
   83.4 Wi-Fi Password Cracking Attacks
   83.5 WEP Cracking

Module 84 - CEH v11 Advanced Wireless Attacks
   84.1 WPA-WPA2 Cracking
   84.2 WPA3 Attacks
   84.3 WPS Cracking
   84.4 Wi-Fi Attack Tools for Mobile Devices
   84.5 Bluetooth Hacking
   84.6 Other Wireless Hacking

Module 85 - CEH v11 Defending Wireless Networks
   85.1 Wireless Hacking Countermeasures
   85.2 Wireless Security Tools
   85.3 Wireless Penetration Testing
   85.4 Review

Module 86 - CEH v11 Mobile Platform Overview
   86.1 Mobile Platform Overview
   86.2 Mobile Device Vulnerabilities
   86.3 Mobile Device Attacks

Module 87 - CEH v11 Hacking Android
   87.1 Android
   87.2 Android Vulnerabilities
   87.3 Rooting Android
   87.4 Android Exploits
   87.5 Android Hacking Tools
   87.6 Reverse Engineering an Android App
   87.7 Securing Android

Module 88 - CEH v11 Hacking iOS
   88.1 iOS
   88.2 iOS Vulnerabilities
   88.3 Jailbreaking iOS
   88.4 iOS Exploits
   88.5 iOS Hacking Tools
   88.6 Securing iOS

Module 89 - CEH v11 Mobile Platform Defense
   89.1 Mobile Device Management
   89.2 BYOD
   89.3 Mobile Security Guidelines and Tools
   89.4 Mobile Device Penetration Testing
   89.5 Review

Module 90 - CEH v11 IoT Hacking
   90.1 loT Concepts
   90.2 loT Infrastructure
   90.3 Fog Computing
   90.4 loT Vulnerabilities
   90.5 loT Threats

Module 91 - CEH v11 IoT Defense
   91.1 IoT Hacking Methodologies and Tools
   91.2 IoT Hacking Methodolgies and Tools Part 2
   91.3 Hacking Countermeasures
   91.4 IoT Penetration Testing
   91.5 OT Concepts
   91.6 Industrial IoT

Module 92 - CEH v11 Operational Technology Overview
   92.1 IT-OT Convergence
   92.2 ICS
   92.3 SCADA
   92.4 DCS
   92.5 RTU
   92.6 PLC
   92.7 Addition OT Components

Module 93 - CEH v11 Hacking OT
   93.1 OT Variables
   93.2 Well-known OT attacks
   93.3 OT Attack Methodology and Basic Tools
   93.4 OT Reconnaissance
   93.5 OT Penetration and Control

Module 94 - CEH v11 Defending OT
   94.1 OT Attack Tools
   94.2 OT Hacking Countermeasures
   94.3 OT Penetration Testing
   94.4 Review

Module 95 - CEH v11 Attacking The Cloud
   95.1 Cloud Computing Concepts
   95.2 Virtualization
   95.3 Cloud Types
   95.4 Cloud Benefits and Considerations
   95.5 Cloud Risks and Vulnerablilities

Module 96 - CEH v11 Cloud Defense
   96.1 Cloud Threats and Countermeasures
   96.2 Cloud Security Tools
   96.3 Cloud Security Best Practices
   96.4 Cloud Penetration Testing
   96.5 Review

Module 97 - CEH v11 Cryptography Overview
   97.1 Cryptography Concepts
   97.2 Symetric Encryption
   97.3 Asymmetric Encryption
   97.4 Public Key Exchange
   97.5 PKI

Module 98 - CEH v11 Protecting Data With Crytography
   98.1 Digital Certificates
   98.2 Digital Signatures
   98.3 Hashing
   98.4 Email Encryption
   98.5 Network Communication Encryption

Module 99 - CEH v11 Protecting Data at Home and in Transit
   99.1 Disk Encryption
   99.2 VPN Encryption
   99.3 Cryptography Tools

Module 100 - CEH v11 Pentesting Cryptography
   100.1 Cryptography Attacks
   100.2 Cryptography Penetration Testing
   100.3 Review
   100.4 Conclusion

Course: 4 - Estimated 9 Week(s) To Complete
4
Certified Ethical Hacker (CEH) v12 Course Content
56 Hours 21 Minutes 322 Videos 220 Prep Questions
The latest in the series, this course integrates the newest technologies, tools, and trends in ethical hacking. It ensures that learners are up-to-date with current cybersecurity challenges, making them well-prepared and versatile in addressing evolving threats and vulnerabilities in the cyber landscape.

Module 1 - Introduction To Ethical Hacking
   1.0 Introduction to CEH v12
   1.1 Elements of Security
   1.2 Cyber Kill Chain
   1.3 MITRE ATT&CK Framework
   1.3.1 Activity - Researching the MITRE ATTACK Framework
   1.4 Hacking
   1.5 Ethical Hacking
   1.6 Information Assurance
   1.7 Risk Management
   1.8 Incident Management
   1.9 Information Security Laws and Standards
   1.10 Introduction to Ethical Hacking Review

Module 2: Footprinting and Reconnaissance
   2.1 Footprinting Concepts
   2.2 OSINT Tools
   2.2.1 Activity - Conduct OSINT with OSR Framework
   2.2.2 Activity - OSINT with theHarvester
   2.2.3 Activity - Add API Keys to theHarvester
   2.2.4 Activity - Extract Document Metadata with FOCA
   2.2.5 Activity - Extract Document Metadata with FOCA
   2.3 Advanced Google Search
   2.3.1 Activity - Google Hacking
   2.4 Whois Footprinting
   2.4.1 Activity - Conducting Whois Research
   2.5 DNS Footprinting
   2.5.1 Activity - Query DNS with NSLOOKUP
   2.6 Website Footprinting
   2.6.1 Activity - Fingerprint a Webserver with ID Serve
   2.6.2 Activity - Extract Data from Websites
   2.6.3 Activity - Mirror a Website with HTTrack
   2.7 Email Footprinting
   2.7.1 Activity - Trace a Suspicious Email
   2.8 Network Footprinting
   2.9 Social Network Footprinting
   2.10 Footprinting and Reconnaissance Countermeasures
   2.11 Footprinting and Reconnaissance Review

Module 3: Scanning Networks
   3.1 Scanning Concepts
   3.2 Discovery Scans
   3.2.1 Activity - ICMP ECHO and ARP Pings
   3.2.2 Activity - Host Discovery with Angry IP Scanner
   3.3 Port Scans
   3.3.1 Activity - Port Scan with Angry IP Scanner
   3.4 Other Scan Types
   3.5 Scanning Tools
   3.5.1 Activity - Hping3 Packet Crafting
   3.5.2 Activity - Fingerprinting with Zenmap
   3.6 NMAP
   3.6.1 Activity - Nmap Basic Scans
   3.6.2 Activity - Host Discovery with Nmap
   3.6.3 - Activity - Nmap Version Detection
   3.6.4 Activity - Nmap Idle (Zombie) Scan
   3.6.5 Activity - Nmap FTP Bounce Scan
   3.6.6 - Activity - NMAP Scripts
   3.7 Firewall and IDS Evasion
   3.7.1 Activity - Nmap Advanced Scans
   3.8 Proxies
   3.9 Scanning Countermeasures
   3.10 Scanning Networks Review

Module 4: Enumeration
   4.1 Enumeration Overview
   4.2 SMB_NetBIOS_Enumeration
   4.2.1 Activity - Enumerate NetBIOS Information with Hyena
   4.3 File Transfer Enumeration
   4.4 WMI Enumeration
   4.4.1 - Activity - Enumerating WMI with Hyena
   4.5 SNMP Enumeration
   4.5.1 Activity - Enumerate WMI, SNMP and Other Information Using SoftPerfect
   4.6 LDAP Enumeration
   4.7 DNS Enumeration
   4.8 SMTP Enumeration
   4.8.1 Activity - Enumerate Email Users with SMTP
   4.9 Remote Connection Enumeration
   4.10 Website Enumeration
   4.10.1 Activity - Enumerate a Website with DirBuster
   4.11 Other Enumeration Types
   4.12 Enumeration Countermeasures and Review

Module 5: Vulnerability Analysis
   5.1 Vulnerability Scanning
   5.1.1 Vulnerability Scanning with OpenVAS
   5.2 Vulnerability Assessment
   5.3 Vulnerability Analysis Review

Module 6: System Hacking
   6.1 System Hacking Concepts
   6.2 Common OS Exploits
   6.3 Buffer Overflows
   6.3.1 Activity - Performing a Buffer Overflow
   6.4 System Hacking Tools and Frameworks
   6.4.1 Activity - Hack a Linux Target from Start to Finish
   6.5 Metasploit
   6.5.1 Activity - Get Started with Metasploit
   6.6 Meterpreter
   6.7 Keylogging and Spyware
   6.7.1 Activity - Keylogging with Meterpreter
   6.8 Netcat
   6.8.1 Activity - Using Netcat
   6.9 Hacking Windows
   6.9.1 Activity - Hacking Windows with Eternal Blue
   6.10 Hacking Linux
   6.11 Password Attacks
   6.11.1 Activity - Pass the Hash
   6.11.2 Activity - Password Spraying
   6.12 Password Cracking Tools
   6.13 Windows Password Cracking
   6.13.1 Activity - Cracking Windows Passwords
   6.13.2 Activity - Cracking Password Hashes with Hashcat
   6.14 Linux Password Cracking
   6.15 Other Methods for Obtaining Passwords
   6.16 Network Service Attacks
   6.16.1 Activity - Brute Forcing a Network Service with Medusa
   6.17 Post Exploitation
   6.18 Pivoting
   6.18.1 Activity - Pivoting Setup
   6.19 Maintaining Access
   6.19.1 Activity - Persistence
   6.20 Hiding Data
   6.20.1 Activity - Hiding Data Using Least Significant Bit Steganography
   6.21 Covering Tracks
   6.21.1 Activity - Clearing Tracks in Windows
   6.21.2 Activity - View and Clear Audit Policies with Auditpol
   6.22 System Hacking Countermeasures
   6.23 System Hacking Review

Module 7: Malware Threats
   7.1 Malware Overview
   7.2 Viruses
   7.3 Trojans
   7.3.1 Activity - Deploying a RAT
   7.4 Rootkits
   7.5 Other Malware
   7.6 Advanced Persistent Threat
   7.7 Malware Makers
   7.7.1 Activity - Creating a Malware Dropper and Handler
   7.8 Malware Detection
   7.9 Malware Analysis
   7.9.1 Activity - Performing a Static Code Review
   7.9.2 Activity - Analyzing the SolarWinds Orion Hack
   7.10 Malware Countermeasures
   7.11 Malware Threats Review

Module 8: Sniffing
   8.1 Network Sniffing
   8.2 Sniffing Tools
   8.2.1 Activity- Sniffing HTTP with Wireshark
   8.2.2 Activity - Capturing Files from SMB
   8.3 ARP and MAC Attacks
   8.3.1 Activity - Performing an MITM Attack with Ettercap
   8.4 Name Resolution Attacks
   8.4.1 Activity - Spoofing Responses with Responder
   8.5 Other Layer 2 Attacks
   8.6 Sniffing Countermeasures
   8.7 Sniffing Review

Module 9: Social Engineering
   9.1 Social Engineering Concepts
   9.2 Social Engineering Techniques
   9.2.1 Activity - Deploying a Baited USB Stick
   9.2.2 Activity - Using an O.MG Lightning Cable
   9.3 Social Engineering Tools
   9.3.1 Activity - Phishing for Credentials
   9.4 Social Media, Identity Theft, Insider Threats
   9.5 Social Engineering Countermeasures
   9.6 Social Engineering Review

Module 10: Denial-of-Service
   10.1 DoS-DDoS Concepts
   10.2 Volumetric Attacks
   10.3 Fragmentation Attacks
   10.4 State Exhaustion Attacks
   10.5 Application Layer Attacks
   10.5.1 Activity - Performing a LOIC Attack
   10.5.2 Activity - Performing a HOIC Attack
   10.5.3 Activity - Conducting a Slowloris Attack
   10.6 Other Attacks
   10.7 DoS Tools
   10.8 DoS Countermeasures
   10.9 DoS Review

Module 11: Session Hijacking
   11.1 Session Hijacking
   11.2 Compromising a Session Token
   11.3 XSS
   11.4 CSRF
   11.5 Other Web Hijacking Attacks
   11.6 Network-Level Session Hijacking
   11.6.1 Activity - Hijack a Telnet Session
   11.7 Session Hijacking Tools
   11.8 Session Hijacking Countermeasures
   11.9 Session Hijacking Review

Module 12: Evading IDS, Firewalls, and Honeypots
   12.1 Types of IDS
   12.2 Snort
   12.3 System Logs
   12.4 IDS Considerations
   12.5 IDS Evasion
   12.5.1 Activity - Fly Below IDS Radar
   12.6 Firewalls
   12.7 Packet Filtering Rules
   12.8 Firewall Deployments
   12.9 Split DNS
   12.10 Firewall Product Types
   12.11 Firewall Evasion
   12.11.1 Activity - Use Social Engineering to Bypass a Windows Firewall
   12.11.2 Activity - Busting the DOM for WAF Evasion
   12.12 Honeypots
   12.13 Honeypot Detection and Evasion
   12.13.1 Activity - Test and Analyze a Honey Pot
   12.14 Evading IDS, Firewalls, and Honeypots Review

Module 13: Hacking Web Servers
   13.1 Web Server Operations
   13.2 Hacking Web Servers
   13.3 Common Web Server Attacks
   13.3.1 Activity - Defacing a Website
   13.4 Web Server Attack Tools
   13.5 Hacking Web Servers Countermeasures
   13.6 Hacking Web Servers Review

Module 14: Hacking Web Applications
   14.1 Web Application Concepts
   14.2 Attacking Web Apps
   14.3 A01 Broken Access Control
   14.4 A02 Cryptographic Failures
   14.5 A03 Injection
   14.5.1 Activity - Command Injection
   14.6 A04 Insecure Design
   14.7 A05 Security Misconfiguration
   14.8 A06 Vulnerable and Outdated Components
   14.9 A07 Identification and Authentication Failures
   14.10 A08 Software and Data integrity Failures
   14.11 A09 Security Logging and Monitoring Failures
   14.12 A10 Server-Side Request Forgery
   14.13 XSS Attacks
   14.13.1 Activity - XSS Walkthrough
   14.13.2 Activity - Inject a Malicious iFrame with XXS
   14.14 CSRF
   14.15 Parameter Tampering
   14.15.1 Activity - Parameter Tampering with Burp
   14.16 Clickjacking
   14.17 SQL Injection
   14.18 Insecure Deserialization Attacks
   14.19 IDOR
   14.19.1 Activity - Hacking with IDOR
   14.20 Directory Traversal
   14.21 Session Management Attacks
   14.22 Response Splitting
   14.23 Overflow Attacks
   14.24 XXE Attacks
   14.25 Web App DoS
   14.26 Soap Attacks
   14.27 AJAX Attacks
   14.28 Web API Hacking
   14.29 Webhooks and Web Shells
   14.30 Web App Hacking Tools
   14.31 Hacking Web Applications Countermeasures
   14.32 Hacking Web Applications Review

Module 15: SQL Injection
   15.1 SQL Injection Overview
   15.2 Basic SQL Injection
   15.3 Finding Vulnerable Websites
   15.4 Error-based SQL Injection
   15.5 Union SQL Injection
   15.5.1 Activity - Testing SQLi on a Live Website - Part 1
   15.5.2 Activity - Testing SQLi on a Live Website - Part 2
   15.6 Blind SQL Injection
   15.7 SQL Injection Tools
   15.7.1 Activity - SQL Injection Using SQLmap
   15.8 Evading Detection
   15.9 Analyzing SQL Injection
   15.10 SQL Injection Countermeasures
   15.11 SQL Injection Review

Module 16: Hacking Wireless Networks
   16.1 Wireless Concepts
   16.2 Wireless Security Standards
   16.3 WI-FI Discovery Tools
   16.4 Common Wi-Fi Attacks
   16.5 Wi-Fi Password Cracking
   16.6 WEP Cracking
   16.6.1 Activity - Cracking WEP
   16.7 WPA,WPA2,WPA3 Cracking
   16.7.1 Activity - WPA KRACK Attack
   16.8 WPS Cracking
   16.9 Bluetooth Hacking
   16.10 Other Wireless Hacking
   16.10.1 Activity - Cloning an RFID badge
   16.10.2 Activity - Hacking with a Flipper Zero
   16.11 Wireless Security Tools
   16.12 Wireless Hacking Countermeasures
   16.13 Hacking Wireless Networks Review

Module 17: Hacking Mobile Platforms
   17.1 Mobile Device Overview
   17.2 Mobile Device Attacks
   17.3 Android Vulnerabilities
   17.4 Rooting Android
   17.5 Android Exploits
   17.5.1 Activity - Hacking Android
   17.5.2 Activity - Using a Mobile Device in a DDoS Campaign
   17.6 Android-based Hacking Tools
   17.7 Reverse Engineering an Android App
   17.8 Securing Android
   17.9 iOS Overview
   17.10 Jailbreaking iOS
   17.11 iOS Exploits
   17.12 iOS-based Hacking Tools
   17.13 Reverse Engineering an iOS App
   17.14 Securing iOS
   17.15 Mobile Device Management
   17.16 Hacking Mobile Platforms Countermeasures
   17.17 Hacking Mobile Platforms Review

Module 18: IoT AND OT Hacking
   18.1 IoT Overview
   18.2 IoT Infrastructure
   18.3 IoT Vulnerabilities and Threats
   18.3.1 Activity - Searching for Vulnerable IoT Devices
   18.4 IoT Hacking Methodology and Tools
   18.5 IoT Hacking Countermeasures
   18.6 OT Concepts
   18.7 IT-OT Convergence
   18.8 OT Components
   18.9 OT Vulnerabilities
   18.10 OT Attack Methodology and Tools
   18.11 OT Hacking Countermeasures
   18.12 IoT and OT Hacking Review

Module 19: Cloud Computing
   19.1 Cloud Computing Concepts
   19.2 Cloud Types
   19.3 Cloud Benefits and Considerations
   19.4 Cloud Risks and Vulnerabilities
   19.5 Cloud Threats and Countermeasures
   19.5.1 Activity - Hacking S3 Buckets
   19.6 Cloud Security Tools And Best Practices
   19.7 Cloud Computing Review

Module 20: Cryptography
   20.1 Cryptography Concepts
   20.2 Symmetric Encryption
   20.2.1 Activity - Symmetric Encryption
   20.3 Asymmetric Encryption
   20.3.1 Activity - Asymmetric Encryption
   20.4 Public Key Exchange
   20.5 PKI
   20.5.1 Activity - Generating and Using an Asymmetric Key Pair
   20.6 Digital Signatures
   20.7 Hashing
   20.7.1 Activity - Calculating Hashes
   20.8 Common Cryptography Use Cases
   20.9 Cryptography Tools
   20.10 Cryptography Attacks
   20.11 Cryptography Review
   20.12 Course Conclusion

Training Path Description

The Certified Ethical Hacker Career Path training series is a comprehensive program designed to equip aspiring cybersecurity professionals with the skills and knowledge required to become proficient ethical hackers. This series is structured into four distinct courses, each focusing on different aspects and levels of ethical hacking, ensuring a well-rounded and in-depth understanding of the field.

 

The first course, “Certified Ethical Hacker (CEH) Version 11 Part 1: Foundations (ECC 312-50),” lays the groundwork for your journey into ethical hacking. It covers the basic principles of cybersecurity, network defense strategies, and the ethical considerations of hacking. This foundational course is crucial for understanding the responsibilities and legal framework of an ethical hacker, providing a solid base for more advanced studies.

 

Moving to the second course, “Certified Ethical Hacker (CEH) Version 11 Part 2: Ethical Hacker (ECC 312-50),” participants delve deeper into the practical aspects of ethical hacking. This course focuses on the methodologies used in penetration testing and vulnerability assessments, teaching students how to identify and exploit weaknesses in various systems and networks. It’s an essential step for those looking to apply their foundational knowledge in real-world scenarios.

 

The third course, “Certified Ethical Hacker (CEH) Version 11 Part 3: Advanced Ethical Hacker (ECC 312-50),” takes the skills learned in the previous courses to a higher level. It covers advanced techniques and tools used in ethical hacking, including sophisticated attack vectors and countermeasure strategies. This course is designed for those who want to specialize in ethical hacking and gain expertise in handling complex security challenges.

 

Finally, the series culminates with “Certified Ethical Hacker (CEH) v12,” which integrates the latest developments and emerging threats in cybersecurity. This course ensures that students are up-to-date with the newest technologies and techniques in ethical hacking, making them well-prepared to tackle current and future cybersecurity challenges. Upon completion of this series, participants will be well-equipped to pursue a career as a Certified Ethical Hacker, with a comprehensive understanding of how to protect systems and networks from malicious attacks.

Who Is This Ethical Hacker Training For?

The Certified Ethical Hacker Career Path training series is beneficial for a wide range of individuals and teams, including:

 

  1. IT Security Professionals: Those already working in IT security who want to enhance their skills in ethical hacking and cybersecurity.

  2. System and Network Administrators: Professionals responsible for managing and securing network systems.

  3. Cybersecurity Consultants: Experts who advise organizations on cybersecurity strategies and need to stay updated with hacking techniques.

  4. Penetration Testers: Specialists in testing the security of systems and applications against cyber attacks.

  5. Incident Response Teams: Teams that handle cybersecurity breaches and need to understand hacker methodologies to better defend against them.

  6. Risk Assessment Professionals: Individuals responsible for assessing and mitigating cybersecurity risks in an organization.

  7. Computer Forensics Analysts: Experts who investigate cybercrimes and require knowledge of hacking techniques for better analysis.

  8. Aspiring Cybersecurity Students: Students or recent graduates looking to enter the cybersecurity field with a specialized skill set in ethical hacking.

  9. Software Developers: Developers who need to understand security vulnerabilities to build more secure software.

  10. Government and Law Enforcement Agencies: Personnel involved in cybersecurity and cybercrime units who need to understand how hackers operate.

  11. Corporate IT Teams: In-house IT teams in corporations that need to safeguard their company’s data and infrastructure from cyber threats.

  12. Compliance and Security Officers: Professionals ensuring that organizations comply with cybersecurity laws and regulations.

This training is particularly valuable for anyone looking to specialize in cybersecurity, enhance their current skill set, or transition into a role that requires knowledge of ethical hacking and information security.

Frequently Asked Questions

What prerequisites are required for the Certified Ethical Hacker Career Path training series?

This training series typically requires a basic understanding of networking, systems, and IT security concepts. Prior experience in IT or cybersecurity can be beneficial, but beginners with a strong interest in the field may also enroll.

How long does it take to complete the entire training series?

The duration can vary depending on the individual’s pace of learning and prior knowledge. Generally, it might take several weeks to months to thoroughly cover all the material and gain a deep understanding of each course.

Is this training series suitable for someone with no prior experience in cybersecurity?

While having some background in IT or cybersecurity is advantageous, the series starts with foundational concepts, making it accessible to motivated individuals with no prior experience. However, such individuals may need to dedicate additional time to grasp the basics.

What kind of certification will I receive upon completing the series?

Upon successful completion of the series and passing any required exams, participants will be eligible to receive the Certified Ethical Hacker (CEH) certification from the EC-Council, which is recognized globally.  ITU provides you with a Certificate of Completion but students are reponsible to scheduling and paying for any addition exam costs associated with the EC-Council.

Are there any hands-on opportunities or practical exercises included in the training?

Yes, the training series includes practical exercises and hands-on labs to provide real-world experience in ethical hacking techniques. This practical approach is crucial for understanding how to apply theoretical knowledge in actual cybersecurity scenarios.