cise & ceh
CISE - Certified Information Security Expert Exam / CEH - Certified Ethical Hacker ~ CBSE
CISE stands for Certified Information Security Expert. It is a certification awarded
to an individual who successfully clears both levels of ISAT.
A Certified Information Security Expert has in-depth knowledge of the internet,
networking & online threats. He is capable of identifying new threats & can be
considered as an Online Security Consultant.
If you are a CISE, various opportunities are waiting for you. Various companies will
just pick you up seeing that you are a CISE. Apart from that, it can also help you in
getting the promotion you have been looking for. The course is an excellent
investment for students in the Technology field as well as professionals in the
internet & networking field.
The CEH certification is for an individual who is usually employed with the
organization and who can be trusted to undertake an attempt to penetrate
networks and/or computer systems using the same methods as a hacker. Illegal
hacking (i.e., cracking computer systems) is a felony in the United States and most
other countries. But when this type of hacking is done by request and under a
contract between an Ethical Hacker and an organization, it is legal. The most
important point is that an Ethical Hacker has authorization to probe the target
with attacks such as cross site scripting.
A Certified Ethical Hacker is a skilled professional who understands and knows
how to look for the weaknesses and vulnerabilities in target systems and uses the
same knowledge and tools as a malicious hacker.
Certification is achieved through training at an ATC (Accredited Training Center)
or self-study. If students choose to self-study, in order to sit for the exam they must
fill out an application and also have documented 2 years of information security
work experience. Both CEH v4 and v5 utilize EC-Council's exam 312-50. The exam
consists of 125 (v4) or 150 (v5) multiple-choice questions, and students are given
up to three or four hours, respectively, to complete the examination. The exam
costs US$250, and is administered via computer at an EC-Council Accredited
Training Center, Pearson VUE, or Prometric testing center (in the United States).
In today’s scenario, everything depends on IT. From tax collections, booking the cheapest airline
tickets, banking online to trading shares online, you name it! If you aren’t a part of the IT revolution
yet, you are missing out on a lot of ease and opportunities. But as they say, everything comes at a
price, and the price you pay here is risking your privacy and probably your bank balance!
Hacking is easier on poorly built websites and applications. There is nothing as good for a hacker
as a faulty program. During one of Innobuzz's PenTest operations, we found a simple coding glitch
that revealed high priority information in the websites of one of the top 10 companies of India! It
is really that infectious! Imagine, if that can happen to large companies, where do YOU stand? If
you are a web developer, and a site designed by you is compromised, you lose your clients, if you
do business online, you lose your customers. And for the average web user, it means loss of
privacy and credit card numbers.
All this is happening at a very fast rate, and experts are needed to check and cure these problems. ITS
Experts are in demand. According to NASSCOM, the demand for ITS Experts will be 10 lakh by
2010 in India. ITS is THE next big thing in IT and you should make the best of it. Innobuzz
Knowledge Solutions provides quality training in the field of ITS, which enables you to become an
Ethical Hacker.
Our programs are well researched and developed in consultation with the best Security Experts
around the world. Doing a CISE (Certified Innobuzz Security Expert) will add a lot of value,
as this is a unique course offered in India.
Run hacking attacks in our classroom labs, be a hacker for a week
Some of the hacking concepts you will learn to master during this hands on hacking course...
Penetration testing methodologies
Stealthy network recon
Passive traffic identification
Remote root vulnerability exploitation
Evidence removal and anti-forensics
Attacking network infrastructure devices
Hacking by brute forcing remotely
Hiding exploit payloads in jpeg and gif image files
Privilege escalation hacking
IPv6 Vulnerabilities
Remote access trojan hacking
Running shellcode in RAM vs. on disk
Wireless insecurity
Breaking IP-based ACLs via spoofing
Abusing Windows Named Pipes for Domain Impersonation
Hacking Web Applications
Breaking into databases with SQL Injection
Cross Site Scripting hacking
Hacking into Cisco routers
Justifying a penetration test to management and customers
CEH/CPT review
Defensive techniques
Some of the instructor-led hands-on hacking lab exercises in this security training
experience.
Capture the Flag hacking exercises every night !
Abusing DNS for host identification
Leaking system information from Unix and Windows
Windows 2003 Server & Vista DNS Cache Poisoning Attacks
Unix, Windows and Cisco password cracking
Remote buffer overflow exploit lab - heap vs. stack overflows
Attacking Kerberos Pre-Auth Hashes
Spoofing endpoints of communication tunnels
Impersonation of other users - hijacking kernel tokens
Attacking RDP (Remote Desktop Protocol) in Windows XP, 2003 & Vista
Remote keylogging
Data mining authentication information from clear-text protocols
Sniffing and hijacking SSL encrypted sessions
Breaking wireless security via hacking
Malicious event log editing
Client side IE & Firefox exploits
Tunneling through IPSec VPNs by abusing ESP
Data retrieval with SQL Injection Hacking
Calculating the Return on Investment (ROI) for an ethical hack
Hacker Halted conferences cover security topics across various technologies.
Here is the complete list of topics.
♣ Terrorist Threat to IT Infrastructure
♣ Cyberterrorism
♣ National Infrastructure Attacks
♣ Hackers and their Targets
♣ E-Business Security Under Threat
♣ Phishing Attacks and Social Engineering
♣ Who to Trust in this Untrusting Network world
♣ Wired or Wireless – Security analysis
♣ Prosecution of Cyber Criminals
♣ Forensics Analysis – The Failures
♣ Identity Theft and the Risks
♣ Airports, Banks, and Public Transportation. Are we safe?
♣ Hackers are here. Where are you?
♣ Are you smarter than the hackers.
♣ I can beat you. Don’t think you are smart.
♣ Software vendor’s promises and lies.
♣ Contingency Planning for Organizations
♣ Defense Against Social Engineering
♣ Facilitated Risk Analysis for Business and Security
♣ Hands-on Hacking
♣ Linux Security
♣ Wireless Security
♣ How to Be a More Effective Security Liaison: Security as a Part-time Job
♣ Effective Information Security Professional
♣ Sustain a Quality Security Awareness Program
♣ Winning Security Architecture
♣ Develop Information Security Policies
♣ Develop Information Security Standards and Procedures
♣ How to Perform a Technical Network Vulnerability Assessment
♣ Administrator Mistakes
♣ Hacker Mistakes
♣ Hiring Hackers and the Law
♣ Hacker Terrorism
♣ Computer and Network Security
♣ End-to-End Digital Investigation
♣ Knowledge Foundations for Data Communications
♣ Managing a Privacy Governance Program
♣ Outsourcing Security
♣ Encryption and Certificate Authorities
♣ Roll-Out of an Asset Classification Program
♣ Return on Investment for Information Security
♣ A Structured Approach to Incident Response
♣ Computer Forensics Tools and How to Make Them Work for You
♣ Wireless Security in the Enterprise
♣ A Pragmatic Approach to Information Security Management
♣ Demystifying Security and Audit of TCP/IP Networks
♣ Penetration Testing: HANDS-ON
♣ Essential Windows Security Tools
♣ IT Law: Business and Security Imperatives for Non-Lawyers
♣ Staying Out of Trouble with Wireless Local Area Networks
♣ Defining and Building an Enterprise Security Architecture
♣ How to Secure and Audit LDAP
♣ Creating and Implementing Security Policies
♣ Blueprint for Avoiding Identity Theft
♣ The Complete Do-It-Yourself NIST Security Toolkit
♣ E-Fraud Forensics: Understanding the Investigative Process A to Z
♣ The Good Guys’ Guide to Uncovering Network Vulnerabilities
♣ VoIP Security Exposed
♣ Hacking Windows - HANDS-ON
♣ Remote Testing for Common Web Application Security Threats
♣ How to Stop an Enemy We Can't Find: Technology on the Front Lines
♣ The Latest Network Hacks and Defenses
♣ Creating an End-to-End Identity Management Architecture
♣ VoIP Security
♣ Laws That Drive Information Security
♣ Threat Trends 2006: The Latest on Phishing, Pharming, Spyware, and More
♣ Planning and Deploying a Strategic Security Architecture
♣ Securing Today's (and Tomorrow's) Mobile Infrastructure
♣ Threats and Countermeasures: Defending Against the Worst Malware in Windows
♣ Manager’s Guide to Perimeter Protection: Firewalls and IDS
♣ Preparing For and Handling Network Security Incidents
♣ How to Conduct a Penetration Test
♣ The Sensor Age: How RFID is about to Revolutionize Business and Information Security
♣ Hacking Web Applications
♣ Conquering Federated Identity Management: Lessons Learned
♣ Phishing: Tackling the Problem
♣ Making Policies Work: From Creation to Enforcement
♣ What Hackers Don't Want You to Know
♣ Best Practices for Vulnerability Management
♣ Mobile Device Security
♣ First-Class Security Tips for Windows Systems
♣ How to Properly Defend Your Port 80
♣ Bleeding-Edge Anti-Forensics
♣ Hardware Token Compromises and Fixes
♣ Advanced SQL Injection
♣ Managing Identity and Access Control Management for Enterprise Security
♣ Google Hacking - DEMO
♣ Presenting the Business Case and ROI for InfoSec
♣ Regulation Riptide: Staying Above Water with Compliance and InfoSecurity
♣ Security in the Services-Oriented Architecture
♣ Safety on the Road: Key Tools to Protect Road Warriors
♣ Rootkits in Windows
♣ Perimeter Penetration Testing
♣ Creating a Threat Recognition Architecture in a Federal Agency
♣ Centrally Managing Fine-Grained Database Access
♣ Managing IT Risks Through the Assessment Process
♣ Different Styles of Intrusion Prevention: What Keeps Out the Hackers?
♣ System Configuration Management: Security and Auditing Challenges
♣ WPAN Security Exposed
♣ Patch Management in a Complex IT Environment
♣ Hacking IPSec Virtual Private Networks (VPNs)
♣ Hacking and Securing .NET
♣ Network Devices Exposed! Routers, Switches, Wireless, Modems, and More
♣ Taking Your Instant Response Team to the Next Level
♣ Identity and Access Management Deployment: Lessons Learned
♣ Biometrics: Opportunities and Challenges
♣ Taking Control of Your Career: Development Options for Information Security Professionals
♣ How to Use PERL as a Security and Audit Tool
♣ Creating and Implementing IM Policies
♣ Late-Breaking Technology Session!
♣ Security and the Homeland
♣ Penetration Testing Databases and Countermeasures
♣ Implementing Cross-Company Authentication Using SAML
♣ Building Security In: Software Security Gets Real
♣ Technical Policy Management
♣ Potholes that Could Derail an Information Security Program
♣ Identity Theft: What, How and Protective Measures
♣ Preparing for the Coming VoIP Security Revolution: IMS
♣ Computers, Crime and Punishment
♣ Creating a Computer Forensic Policy as Part of Your Cyber Response Plan
♣ Leveraging Freeware Hacker Tools
♣ Securing Unix-Based Operating Systems
♣ Protecting Your Network from Next Generation Attacks - DEMO
♣ The Role of Directory Services in Identity Solutions
♣ Hacking Web Services: Strategies, Tools, and Methods - DEMO
♣ Managing Security and Privacy Projects
♣ Everything You Need to Know About Encryption in 90 Minutes
♣ Attacking and Defending RFID Security
♣ Next-Generation Wireless Attacks and Defenses
♣ Firewall Technology: Where Is It Headed?
♣ Looking in the Windows Registry for Forensic Purposes
♣ Open Source Tools for Securing the Infrastructure -
♣ Cops and Robbers Las Vegas Style
♣ Web Application Security Assessments
♣ Provisioning: The ID Management Back Office
♣ Securing the Brains of the Network: DNS and DHCP
♣ Policies for Identity Management
♣ Keeping E-Messaging Secure
♣ Conducting a Business Impact Analysis and Creating a Disaster Recovery Plan
♣ SSL Remote Access Tactics: Unsafe at Any Speed?
♣ Securing Windows 2003
♣ Secure Network Change Management: Look Before You Change
♣ Handling Evidence in an E-Fraud Investigation
♣ Tracking USB Storage Devices Across Windows Systems
♣ ARP Spoofing and Beyond: Attacks and Protection at Layer 2
♣ Integrating Enterprise Access Solutions into a Seamless System
♣ Auditing Web Application Authentication
♣ Getting the Most Out of Your Ethical Hacking Program
♣ Life After California SB1386: Getting a Handle on Security Breach Notification Laws
♣ Managing IT Risk and Compliance: An Effective Framework for the Enterprise
♣ Hacking SSL Virtual Private Networks (VPNs)
♣ Protecting Your Penguins: Developing a Baseline for Linux Security
♣ What Every Organization Should Monitor and Log: A Checklist
♣ The Time is Now: The Convergence of Networks, Time Synchronization and Information Security
You can register and take any e-Business certification exam through the web-based Prometric
Prime at http://eccouncil.prime.prometric.com. Any EC-Council Accredited Training Center can
proctor the exam. You cannot take the exam directly through the Internet without a proctor.
Cost
Certification exams are priced according to currency values in available countries. Certification
exam prices are subject to change. In some countries, exam prices may differ and additional
taxes may apply. Please contact your ATC for exact pricing.
Exam Fees
Exams with prefix of 212 are priced at $99 U.S.
Exams with prefix of 112 are priced at $125 U.S.
Exams with prefix of 312 are priced at $250 U.S.
Payment is made to Prometric at the time of registration. Prometric accepts payment by credit
card.
Pre-paid exam vouchers
Exam vouchers are available from EC-Council Accredited Training Centers around the world.
Candidates may also purchase pre-paid exam vouchers directly by contacting
EC-Council exams are also available through Authorized Prometric Testing Centers in over 180
countries.
Exams Available at APTC
Currently the following exams are available at APTC
E-Commerce Architect
(Exam Code: EC0-232)
Cost: USD 125/-
This exam is only available at Prometric
Ethical Hacking and Countermeasures
(Exam Code: EC0-350)
Cost: USD 250/-
This exam is available at Prometric and VUE
Computer Hacking Forensic Investigator
(Exam Code: EC0-349)
Cost: USD 250/-
This exam is available at Prometric and VUE
EC-Council offers the Certified Ethical Hacker Certification Exam over these
channels.
1. Exam 312-50: Web based ‘Prometric Prime’ at Accredited
Training Centers (ATC).
2. Exam EC0-350: Proctored test at Authorized Prometric
Testing Centers (APTC) globally.
3. Exam 312-50: VUE Testing centers
Please note that the exams differ only in terms of exam delivery
channel and are otherwise identical in source.
Eligibility Requirements
To be eligible for appearing in the CEH certification examination, you must:
1. Have attended training for the CEH course at any of the
accredited training centers. Should you choose to defer taking
the examination after your training, and would like to opt for
another location; you can apply for the same at a later date at
any ATC of your choice by submitting your certificate of
attendance to EC-Council.
2. If you have opted for self-study and not attended training, you
must have at least two years of information security related
experience.
Please download and complete the CEH Exam (EC0-350)
Application Form and fax it to EC-Council at +1-505-212-0667
for verification. Upon approval, EC-Council will
send you an eligibility voucher number which you can use to
register and schedule the test at any Authorized Prometric
Testing Center globally. Please note that Prometric
Registration will not entertain any requests without this
voucher number.
Certification Fees
1. If you have attended training at any accredited training
center, you are eligible to appear for the web based Prometric
Prime exam. This exam is priced at USD 250.
2. If you have chosen self study, and are eligible for the exam as
verified from the CEH Exam EC0-350 Application Form
submitted, you can take the test at any of the Authorized
Prometric Testing Centers globally. This exam is priced at
USD 250.
Scheduling Process
1. If you are appearing for Exam 312-50 the web based
Prometric Prime exam, you can contact your ATC to schedule
the exam.
2. If you are appearing for Exam EC0-350 at any authorized
Prometric Testing center, you can schedule the exam by
contacting Prometric directly. You can use the voucher
number given to you by EC-Council upon approval of your
eligibility application form. Please note that Prometric will
NOT schedule exams without the voucher number.
3. For VUE, please visit http://www.vue.com/eccouncil
What is the difference between Exam 312-50 and Exam EC0-350?
EC-Council offers the Certified Ethical Hacker examination over two channels – the
EC-Council Accredited Training Center (ATC) and the Authorized Prometric
Testing Center (APTC). Only students who undergo training for CEH at any ATC
are eligible to appear for the web based Prometric Prime exam (Exam 312-50).
Students who opt to pursue self study can appear for the exam EC0-350 at the
Authorized Prometric Testing Center after they fulfill the examination eligibility
criteria and produce the voucher number to Prometric.
In all other aspects the exams are identical in source and lead to the certification
‘Certified Ethical Hacker’.
Should I attend training to appear for the CEH exam?
EC-Council recommends that CEH aspirants attend formal classroom
training at any of the accredited training centers to reap maximum benefit
of the course and have a greater chance at clearing the examinations. The
ATC will check your work experience before registering for the class. You
are also required to sign a Non-Disclosure Agreement (NDA) when you
enroll for the class.
What are the pre-requisites for taking a CEH exam?
If you attend CEH training, you are eligible to appear for the CEH
examination. If you opt for self study, you must complete the eligibility form
and fax it to EC-council for approval.
Are there any eligibility criteria?
It is mandatory for you to record two years of information security related work
experience and get the same endorsed by your employer. In case you do not
possess the same you can send us a request detailing your educational background
and request for consideration on a case basis.
Why do I have to get approval from EC-Council to appear for the exam without the
training?
EC-Council presents the body of knowledge through CEH to educate and assist
information security professionals in hacking tools and techniques for legally
accepted security testing purposes. It is the social responsibility of EC-Council to
ensure that this knowledge is imparted to people with the right intent and obtain
assurance that this body of knowledge will not be misused.
Where do I purchase the prepaid examination vouchers?
You can purchase the vouchers directly from VUE or Prometric.
I have just completed the training. Can I defer taking a test to a later date?
Yes, you can. Ensure that you obtain a certificate of attendance upon completion of
the training. You may contact the ATC at a later date and schedule the exam.
I have just completed the training. Can I take the test at a different location?
Yes, you can. You can take the exam at any ATC offering the CEH program by
presenting your certificate of attendance. This will be verified against our records
and your exam can be scheduled.
Do I have to recertify?
You will need to earn EC-Council Continuing Education Credits (ECE) to maintain
the certification.
Why are there different versions for the exam?
EC-Council certifications are under continuous development. We incorporate new
techniques and technology as they are made available and are deemed necessary
to meet the course objectives. This is reflected in our examination process as well
as students are tested on concepts, techniques and technology.
How many times can I appear for the examination in case I do not pass in the first
attempt?
There are no restrictions on the number of times you can appear for the
examination, as long as you are able to contact the test center and schedule your
exam in advance. There is no waiting period between attempts.
To request another eligibility voucher to resit the exam at Prometric APTC,
send an e-mail to [email protected] with your details. You don't need to go
through the eligibility application process again.
Can I take the exam at VUE testing centers?
Yes. The 312-50 exam is available at VUE testing centers as well. Just like
Prometric APTC, you will need an eligibility number to attempt the exam at Vue.
The eligibility number issued for Prometric cannot be used for VUE and vice versa.
You can indicate in the eligibility application form which center you will be taking
the test. Please visit VUE's EC-Council testing page at
http://www.vue.com/eccouncil
Will EC-Council help me in scheduling the Prometric exam?
You are advised to contact Prometric Registration up to one business day prior to
the date of the scheduled exam, before 7pm Central Standard Time.
When will I get my certificate once I pass the certification examination?
You will receive your welcome kit in eight weeks' time upon passing the exam.
How many questions are there in the exam and what is the time duration?
The examination consists of 150 questions. The duration of the test varies according to location
and channel. The exam 312-50 offered through Prometric Prime is of four hour duration. The
exam EC0-350 offered through Prometric APTC is four hours for English-speaking countries (US
and others) and four and a half hours for non-English-speaking countries.
How much should I score to clear the exam?
The passing score is 70%.
I am doing a self study, how do I know I am ready to take the exam? Are there any
practice tests?
Yes, you can take our practice tests to become familiar with the examination
approach.
Can I purchase practice tests?
CEH exam practice tests are available from PrepLogic (http://www.preplogic.com).
What kind of questions can I expect in the exam? Do you have any exam pointers?
The examination tests you on security related concepts, hacking techniques and
technology. You will be asked to decipher exploit codes, study log files, infer output
and apply the knowledge acquired through the course.
Can I review my answers?
You can mark your questions and review your answers before you end the test.
Register by Telephone
In the US and Canada, candidates can register for EC-Council exams by calling Prometric's direct EC-Council toll-
free registration line at (800) 815-3926 between 7:00 a.m. and 7:00 p.m. CST. Outside the United States and
Canada, please visit www.prometric.com for a complete list of exam registration phone numbers.
Register Online
Candidates can register for EC-Council exams at www.2test.com, Prometric's online registration web site. Online
registration is not available for beta exams. Online exam registration is available in most countries.
Testing Locations
To locate the Testing Center nearest to you, please visit Prometric.com web site.
Please be prepared to provide the following information to Prometric when calling to schedule
your test appointment:
1. First and last name: Please provide your name as you would like it to
appear on your certificate.
2. Social Security Number: For candidates who do not have a Social
Security Number or do not wish to provide one, Prometric will assign a
unique identification number. Please use this ID number each time that
you schedule a new exam.
3. Mailing address: Please list the address to which all correspondence
should be mailed.
4. Company name: If you have listed your business address, please include
your company name to ensure appropriate routing.
5. E-mail address: For the latest program updates, email is the most
efficient and effective means of contacting you.
6. Contact phone numbers
7. Exam number and title
8. Testing center preference: A Prometric customer service representative
can help you identify the testing center near your location.
9. Method of payment (cash, personal check, credit card (American
Express, Mastercard, and Visa), bank transfers, etc.) Payment options
may vary by country.
If your address has changed since you last registered for an exam, please contact Prometric to
update your demographic information.
Scheduling Process
Prometric will schedule each candidate into an Authorized Prometric Testing Center for their
exam appointment. Prometric Registration will only schedule exams that have been paid.
Candidates who need to reschedule an exam can do so as long as they contact Prometric
Registration up to one business day prior to the date of the scheduled exam, before 7pm Central
Standard Time.
Exam Day
It is important that a candidate arrives at the testing center at least fifteen minutes before the scheduled exam
time. The candidate is also required to bring two forms of signature identification, one with a photograph, for
verification purposes. To maintain the security of the test environment, candidates are not permitted to bring
reference materials of any kind into the testing center.
After an exam has been taken a candidate will automatically receive a score report indicating a
pass/fail. If a candidate has taken a beta exam, however, a score report will be sent six to eight
weeks after the termination of the beta availability period.
Exam Retake Policy
Candidates may attempt each exam any number of times; there is no waiting period between attempts.
Ethical Hacking and Countermeasures
(312-50)
New CEHv6 Exam
The CEHv6 exam is currently in beta and will be available on the 5th November,
2008. The CEH v5 exam will be available until June 3rd, 2009 and will then be retired.
Note:
The exam codes EC0-350 and 312-50 refer to the same exam.
The exam titles "Certified Ethical Hacker" and "Ethical Hacking and
Countermeasures" are the same.
VUE and Prometric systems use different exam codes.
The CEHv4 exam has been retired since June 1st 2007.
The CEHv5 exam is available on Prometric Prime, APTC and VUE.
Exams at VUE and Prometric APTC require an Eligibility Code. Please
visit http://www.eccouncil.org/takeexam.htm for details.
Credit Towards Certification
Certified Ethical Hacker
Master of Security Science (MSS)
Exam Details (CEHv5)
Number of Questions: 150
Passing Score: 70%
Test Duration: 4 Hours
Test Format: Multiple Choice
Test Delivery: Prometric Prime
Exam Version: 5
Release Date: November 13th, 2006
Exam Cost: USD 250
Skills Measured
The Exam 312-50 tests CEH candidates on the following 22 domains.
1. Ethics and Legal Issues
2. Footprinting
3. Scanning
4. Enumeration
5. System Hacking
6. Trojans and Backdoors
7. Sniffers
8. Denial of Service
9. Social Engineering
10. Session Hijacking
11. Hacking Web Servers
12. Web Application Vulnerabilities
13. Web Based Password Cracking Techniques
14. SQL Injection
15. Hacking Wireless Networks
16. Virus and Worms
17. Physical Security
18. Hacking Linux
19. IDS, Firewalls and Honeypots
20. Buffer Overflows
21. Cryptography
22. Penetration Testing Methodologies
Ethics and Legality
Understand Ethical Hacking terminology
Define the Job role of an ethical hacker
Understand the different phases involved in ethical hacking
Identify different types of hacking technologies
List the 5 stages of ethical hacking?
What is hacktivism?
List different types of hacker classes
Define the skills required to become an ethical hacker
What is vulnerability research?
Describe the ways in conducting ethical hacking
Understand the Legal implications of hacking
Understand 18 U.S.C. § 1030 US Federal Law
Footprinting
Define the term Footprinting
Describe information gathering methodology
Describe competitive intelligence
Understand DNS enumeration
Understand Whois, ARIN lookup
Identify different types of DNS records
Understand how traceroute is used in Footprinting
Understand how e-mail tracking works
Understand how web spiders work
Scanning
Define the terms port scanning, network scanning and vulnerability scanning
Understand the CEH scanning methodology
Understand Ping Sweep techniques
Understand nmap command switches
Understand SYN, Stealth, XMAS, NULL, IDLE and FIN scans
List TCP communication flag types
Understand War dialing techniques
Understand banner grabbing and OS fingerprinting techniques
Understand how proxy servers are used in launching an attack
How do anonymizers work
Understand HTTP tunneling techniques
Understand IP spoofing techniques
Enumeration
What is Enumeration?
What is meant by null sessions
What is SNMP enumeration?
What are the steps involved in performing enumeration?
System hacking
Understanding password cracking techniques
Understanding different types of passwords
Identifying various password cracking tools
Understand Escalating privileges
Understanding keyloggers and other spyware technologies
Understand how to Hide files
Understanding rootkits
Understand Steganography technologies
Understand how to cover your tracks and erase evidence
Trojans and Backdoors
What is a Trojan?
What is meant by overt and covert channels?
List the different types of Trojans
What are the indications of a Trojan attack?
Understand how “Netcat” Trojan works
What is meant by “wrapping”
How does reverse connecting Trojans work?
What are the countermeasure techniques in preventing Trojans?
Understand Trojan evading techniques
Sniffers
Understand the protocol susceptible to sniffing
Understand active and passive sniffing
Understand ARP poisoning
Understand ethereal capture and display filters
Understand MAC flooding
Understand DNS spoofing techniques
Describe sniffing countermeasures
Denial of Service
Understand the types of DoS Attacks
Understand how DDoS attack works
Understand how BOTs/BOTNETS work
What is “smurf” attack
What is “SYN” flooding
Describe the DoS/DDoS countermeasures
Social Engineering
What is Social Engineering?
What are the Common Types of Attacks
Understand Dumpster Diving
Understand Reverse Social Engineering
Understand Insider attacks
Understand Identity Theft
Describe Phishing Attacks
Understand Online Scams
Understand URL obfuscation
Social Engineering countermeasures
Session Hijacking
Understand Spoofing vs. Hijacking
List the types of Session Hijacking
Understand Sequence Prediction
What are the steps in performing session hijacking
Describe how you would prevent session hijacking
Hacking Web Servers
List the types of web server vulnerabilities
Understand the attacks Against Web Servers
Understand IIS Unicode exploits
Understand patch management techniques
Understand Web Application Scanner
What is Metasploit Framework?
Describe Web Server hardening methods
Web Application Vulnerabilities
Understanding how web application works
Objectives of web application hacking
Anatomy of an attack
Web application threats
Understand Google hacking
Understand Web Application Countermeasures
Web Based Password Cracking Techniques
List the Authentication types
What is a Password Cracker?
How does a Password Cracker work?
Understand Password Attacks - Classification
Understand Password Cracking Countermeasures
SQL Injection
What is SQL injection?
Understand the Steps to conduct SQL injection
Understand SQL Server vulnerabilities
Describe SQL Injection countermeasures
Wireless Hacking
Overview of WEP, WPA authentication systems and cracking techniques
Overview of wireless Sniffers and SSID, MAC Spoofing
Understand Rogue Access Points
Understand Wireless hacking techniques
Describe the methods in securing wireless networks
Virus and Worms
Understand the difference between a virus and a worm
Understand the types of Viruses
How a virus spreads and infects the system
Understand antivirus evasion techniques
Understand Virus detection methods
Physical Security
Physical security breach incidents
Understanding physical security
What is the need for physical security?
Who is accountable for physical security?
Factors affecting physical security
Linux Hacking
Understand how to compile a Linux Kernel
Understand GCC compilation commands
Understand how to install LKM modules
Understand Linux hardening methods
Evading IDS, Honeypots and Firewalls
List the types of Intrusion Detection Systems and evasion techniques
List firewall and honeypot evasion techniques
Buffer Overflows
Overview of stack based buffer overflows
Identify the different types of buffer overflows and methods of detection
Overview of buffer overflow mutation techniques
Cryptography
Overview of cryptography and encryption techniques
Describe how public and private keys are generated
Overview of MD5, SHA, RC4, RC5, Blowfish algorithms
Penetration Testing Methodologies
Overview of penetration testing methodologies
List the penetration testing steps
Overview of the Pen-Test legal framework
Overview of the Pen-Test deliverables
List the automated penetration testing tools
iCBSE © 2010