introduction to ethical hacking - seco-institute.org · in general •the ethical hacking...
TRANSCRIPT
Introduction to Ethical Hacking
General Introduction to Ethical Hacking Practitioner
General Introductionto Ethical Hacking Practitioner
General Information
3General Introduction to Ethical Hacking Practitioner
4
SECO-Institute Cyber Security & Governance Certification Program
General Introduction to Ethical Hacking Practitioner
In General
• The Ethical Hacking Practitioner course is the second level of the Certified Ethical Hacking Officer certification track.
• This course will allow you to acquire intermediate-level Ethical Hacking skills. You will familiarise yourself with such techniques as analysingnetwork traffic, hacking wireless networks, scanning networks, and penetrating computer systems and websites. The course offers a perfect mix of theory and practice, where practical examples are illuminated with case studies.
5General Introduction to Ethical Hacking Practitioner
Learning Objectives
•Students know what steps to take in the preparation and execution of a hack (pentest)
•Students are able to use open and closed sources to gain intelligence on a target
•Students are able to gather intelligence by scanning (network, footprinting & vulnerability)
•Students know how to verify the vulnerabilities found
•Students understand the PKI and possible attack vectors
6General Introduction to Ethical Hacking Practitioner
Course Topics
•The course consists of 8 topics, a recapitulation module and a lab exercise (Capture the Flag)
•Module 1: Introduction to Ethical Hacking Practitioner
•Module 2: Reconnaissance and Intelligence Gathering
•Module 3: Infrastructure Security Part I
•Module 4: Infrastructure Security Part II
•Module 5: Web Applications I
•Module 6: Web Applications II
7General Introduction to Ethical Hacking Practitioner
Course Topics
•Module 7: Systems and Applications
•Module 8: Exploiting Buffer Overflows
• Recapitulation
• Capture the Flag
•Note: Capture the Flag is a practical exercise that makes up 30% of your final examination score. Your CtF results should be saved as a text file and be uploaded to the online examination environment as part of your exam
8General Introduction to Ethical Hacking Practitioner
Course Material
9General Introduction to Ethical Hacking Practitioner
Structure of the Course
• The course material is made up of:
•One slide deck per course module (both notes and tablet version)
• Each module consists of:
• An introduction including a description of the learning objectives
• A graphical depiction of the course structure and/or a brief content overview
• Theory mixed with practice questions or a case study
• A concluding summary
• A Goody Bag with additional information, recommended literature, etc.
10General Introduction to Ethical Hacking Practitioner
Version number
• The version number of the course material can be found at the back cover of each slide deck.
• The version number of this course is EHP-EN-2018-01a
11General Introduction to Ethical Hacking Practitioner
Icons Used in Course Material
12
• Essential information students must know for the exam
• Useful information that will be briefly discussed but is not part of the exam
• Homework that will not be covered in class but is part of the exam
• Definition
• Goody Bag: useful links, literature, etc.
• Region-specific information
• The lack of an icon doesn’t mean the given material is not part of the exam. It still is!
General Introduction to Ethical Hacking Practitioner
13General Introduction to Ethical Hacking Practitioner
Bicsma BV
• SECO-Institute uses the fictional business Bicsma in its exercises
• Bicsma is a fictional organisation created to provide context for the case studies and practical exercises in the courses of the SECO-Institute.
• Information about the Bicsma BV organisation model can be found at http://www.bicsma.com. The username is bicsma and the password is training
14General Introduction to Ethical Hacking Practitioner
Bicsma BV – Welcome!
15
http://www.bicsma.com
General Introduction to Ethical Hacking Practitioner
Examination
16General Introduction to Ethical Hacking Practitioner
Examination
• SECO-Institute allows you to take exams online. Our online examination system allows you to book your exam and take it at any place convenient to you.
• You can book your exam at the SECO-Institute website https://www.seco-institute.org/certification-exams/how-to-book
•When selecting your exam, make sure you select the 2018 version
• Exam results are communicated one month after completion of the exam
• You will receive your certificate after the results have been published
17General Introduction to Ethical Hacking Practitioner
Exam Regulations
• Pass mark: 60% out of 100%
•Open book/notes: no
• The exam regulations can be found on the SECO-Institute website: https://www.seco-institute.org/certification-exams/how-to-register
• Time allotted for the exam: 2 hours
•Number of questions:
• 10 Multiple choice: 3 points per question
• 5 Open questions: 8 points per question
• The last lab exercise makes up 30% of the final examination score, thus results should be saved as a text file. These file should be uploaded to the online examination environment.
18General Introduction to Ethical Hacking Practitioner
Certification
19General Introduction to Ethical Hacking Practitioner
Certification
•Upon successful completion of your exam, you can claim your certification title at the SECO-Institute
20General Introduction to Ethical Hacking Practitioner
Certification
• The SECO-Institute issues 3 types of certification titles:
• SECO-Institute Practitioner certification titles: Upon successful completion of a Practitioner exam, you can claim the Practitioner title.
• SECO-Institute Expert certification titles: Upon successful completion of an Expert exam, you can claim the Expert title.
• SECO-Institute Certified Officer certification titles: In the possession of an expert-level certification, you can apply for the highest-level qualification: the Certified Officer certification. This certification does not only require students to possess (at least expert-level) subject knowledge but also a minimum of 3 years of full-time work experience.
• https://www.seco-institute.org/claim-your-title
21General Introduction to Ethical Hacking Practitioner
22Module 3: Infrastructure Security Part I
EHP-EN-2018-01a