|
Hacking, Penetration Testing, and Defense |
 |
 |
 |
|
Developing a defensive approach to the tactics that hackers and malicious intruders use to analyze and target your critical information assets can provide your organization with the security you require in this internet and information based business world. The course is taught by expert instructors that bring real-world penetration testing and ethical hacking experience and research knowledge to the classroom. You’ll learn step-by-step procedures for executing attacks, conducting penetration tests and defending against attacks on Internet and intranet networks in a hands-on class¬room environment. By learning how to implement these security techniques and methodologies, you can actively defend your critical information assets against malicious intruders.
A security checklist of activities will be discussed with a focus on best practices. Resources for use outside the classroom will be provided and reviewed. This class will give you a solid understanding of computer security and help your organization grow and prosper in today’s e-business world.
Course details are provided below and are also available in PDF format.
REGISTER HERE
COURSE DETAILS
Course Length & Intended Audience, Pre-requisites:
- Duration: 3 days
- Intended Audience:
- Information security auditors, analysts, and consultants
- Developers
- Project managers
- Business & requirements analysts
- Basic technical background mandatory
- Knowledge of Windows and Linux recommended
Course Objectives:
- Understand how hackers think in reference to constraints of the security professional.
- Understand the need for security in a corporate environment, how it relates to real security and how to express it in terms of ROI.
- Learn how to further knowledge in particular areas of interest in information assurance and security.
Resources & Takeaways:
- Online cccess to a course learning management system with dozens of online resources and materials
- Eclipse, Tomcat, My SQL, and source code from over 30 different real open source applications
- Demo license for Core Impact 8.0
- Course book containing printouts of each slide along with detailed notes in paragraph form
Course Outline:
- Intro
- Thinking like a Hacker
- VMWare Basics
- Intelligence Gathering
- Footprinting 101
- DNS
- SNMP
- Lab 1
- Google Hacking
- Lab 2
- Service ID
- Musical Services (Find them)
- Tunneling
- Passwords Windows/Linux
- Find the passwords
- Sniffing Passwords
- Cracking Passwords
- Lab 4
- Vulnerability Assessments
- Structured Approach OSSTMM
- NESSUS
- Core Impact
- CANVAS
- Lab 5
|
- Exploitation Framework
- ExploitME!
- Parameter validation
- XXS
- Sql Injection
- Backtrack
Penetration Testing Methodologies
- Penetration Test vs. Vulnerability Test
- Reliance on Checklists and Templates
- Phases of Penetration Testing & Testing Tools
- Passive Reconnaissance & Best Practices
- Security Assessment vs. Security Auditing
- Vulnerability Assessment vs. Penetration Testing
- Do-it yourself Testing & Professional Firms
- Pen-Test Service Level Agreements & Insurance
- Black Box, White Box, and Grey Box Testing
- Manual And Automated Penetration Testing
- Evaluating Different Types of Pen-Test Tools
- Asset Audit, Fault Tree and Attack Trees
- Device, Web Server, Perimeter Firewall Inventory
- Load Balancer Inventory
- Demilitarized Zone Firewall
- Internal Switch Network Sniffer
- Application and Database Server Inventory
- Name Controller and Domain Name Server
- Physical Security, ISP Routers
- Network Traffic & Running Process Threats
- Loss of Confidential Information &Business Impact
- Pre and Post-testing dependencies
Failure Management & Test Documentation |
- Course Length: 3 days
- Tuition: $1799 per person
- Dates: June 23, 24 and 25th 2010.
- Group Discounts Available
- Onsite training and customized content available
REGISTER HERE
|
