Certified Ethical Hacker Seminar training classes conferences & workshops presented by New Horizons register for training on FindaSeminar.com


Add your seminars

Training Calendar Creator Seminar Venues Training Provider Directory

New Seminar Search:  


Helpful links

find similar training...
Search by state...
Customer Support

Do you need help finding the right class, date, or location or other assistance?

Request information about upcoming training seminars workshops and conferences in   and other cities listed on FindaSeminar.com Submit a support request and receive a prompt reply.

We guarantee this New Horizons training seminar

We are an authorized partner of New Horizons


Price protection. The price to attend Certified Ethical Hacker is set by the training providerThere is no added charge for our services.

We honor most training provider coupons
*.   Call  a representative to see if your discount coupon applies.

Privacy. Your personal information won't be shared with anyone but the training provider New Horizons.

Security. When you register for this seminar on FindaSeminar.com your personal data and payment information is safely collected and processed using secure SSL encryption technology.

Flexibility. FindaSeminar.com offers you three ways to register for Certified Ethical Hacker seminar by New Horizons.
Register online, by phone (800) 349-1935,or fax (800) 712-5569
Who should attend Certified Ethical Hacker
This course will significantly benefit security officers, auditors, security professionals, site administrators, and anyone who is concerned about the integrity of the network infrastructure.
Write and read New Horizons reviews and reviews about the training seminar Certified Ethical Hacker on the Seminar News Network and the Training News Network.

Frequently asked questions and registration options for the training seminar Certified Ethical Hacker

Find Training Near You
Use our clickable map to find training near you
Use Our Clickmap
hotel seminars meeting space directory
hotel meeting space training facilities restaurant and lodging


request on site training details for the Certified Ethical Hacker seminarRequest on site training

Certified Ethical Hacker  

 Email information about this seminar Certified Ethical Hacker by New Horizons to yourself your manager or associatesEmail this event... View and register for other training seminars like Certified Ethical Hacker by New Horizons on FindaSeminar.com See similar training.. Find and register for other training seminars by New Horizons on FindaSeminar.com Other seminars from New Horizons


New Horizons   


This course will significantly benefit security officers, auditors, security professionals, site administrators, and anyone who is concerned about the integrity of the network infrastructure.


see Registration info for seminar cost, group discount etc.

Seminar Summary:

This class will immerse the student into an interactive environment where they will be shown how to scan, test, hack and secure their own systems. Students then learn how intruders escalate privileges and what steps can be taken to secure a system. (see full course description)


 Seminar / Training class dates & locations



No seminar dates for this event are currently scheduled.  Please use the seminars search box above or choose one of the following additional training search options to find similar training.

Providers course catalog

Find seminars by state

Find seminars by city

Request on site training

Use Advanced Search



print the agenda print agenda for the Certified Ethical Hacker seminar


Training Course Syllabus:

Course Outline: Certified Ethical Hacker

Learning Method: Instructor-led Classroom Learning

Duration: 5.00 Day(s)

This class will immerse the student into an interactive environment where they will be shown how to scan, test, hack and secure their own systems. Students then learn how intruders escalate privileges and what steps can be taken to secure a system.

Who Should Attend:
This course will significantly benefit security officers, auditors, security professionals, site administrators, and anyone who is concerned about the integrity of the network infrastructure.

Lesson 1: Ethics and Legality

Why Security?
The Security, functionality and ease of use Triangle
Can Hacking be Ethical?
Essential Terminology.
Elements of Security.
What does a Malicious Hacker do?
Difference between Penetration Testing and Ethical Hacking.
Hacker Classes.
What do Ethical Hackers do?
Skill Profile of an Ethical Hacker.
Modes of Ethical Hacking.
Security Testing.
Computer Crimes and Implications.
Legal Perspective (US Federal Laws).

Lesson 2: Footprinting

Defining Footprinting.
Information Gathering Methodology.
Locate the Network Range.
Hacking Tools

Lesson 3: Scanning

Definition of Scanning.
Types of scanning
Objectives of Scanning
Scanning Methodology
Classification of Scanning
Hacking Tools
IPsec Scan
NetScan Tools pro 2003
OS Fingerprinting
Active Stack fingerprinting
Passive Fingerprinting
Proxy Servers

Lesson 4: Enumeration

What is Enumeration?
NetBios Null Sessions
Null Session Countermeasures
NetBIOS Enumeration
Simple Network Management Protocol (SNMP) Enumeration
SNMP Enumeration Countermeasures
Management Information Base (MIB)
Windows 2000 DNS Zone Transfer
Blocking Win 2k DNS Zone Transfer
Enumerating User Accounts
Active Directory Enumeration and Countermeasures

Lesson 5: System Hacking

Administrator Password Guessing
Manual Password Cracking Algorithm
Automated Password Cracking
Password Types
Types of Password Attacks
Performing Automated Password Guessing
Password Sniffing
Password Cracking Countermeasures
Syskey Utility
Cracking NT/2000 Passwords
SMBRelay Man-in-the-Middle Scenario
SMBRelay Weaknesses and Countermeasures
Keystroke Loggers
Hiding Files
Creating Alternate Data Streams
ADS creation and detection
LADS (List Alternate Data Streams)
NTFS Streams Countermeasures
Stealing Files Using Word Documents
Field Code Countermeasures
Steganography Detection
Covering Tracks
Disabling Auditing and clearing Event Logs
Dump Event Log
Planting the NT/2000 RootKit
Rootkit Countermeasures

Lesson 6: Trojans and Backdoors

Effect on Business
What is a Trojan?
Overt and Covert Channels
Working of Trojans
Different Types of Trojans
What Trojan Creators look for?
Different ways a Trojan can get into a system
Indications of a Trojan Attack
Some famous Trojans and ports used by them
How to determine which ports are “Listening”?
Different Trojans found in the Wild
Packaging Tool : Wordpad
ICMP Tunneling
Loki Countermeasures
Reverse WWW Shell – Covert Channels using HTTP
Process Viewer
System File Verification
Reverse Engineering Trojans
Backdoor Countermeasures

Lesson 7: Sniffers

Definition of sniffing
How a Sniffer works?
Passive Sniffing
Active Sniffing
Man-in-the-Midle Attacks
Spoofing and Sniffing Attacks
ARP Poisoning and countermeasures
Network Probe
Sniffing Countermeasures

Lesson 8: Denial of Service

What is Denial of Service?
Goal of DoS(Denial of Service)
Impact and Modes of Attack
DoS Attack Classification
Buffer Overflow Attacks
Distributed DOS Attacks and Characteristics
Agent Handler Model
IRC-Based DDoS Attack Model
DDoS Attack taxonomy
DDoS Tools
Reflected DOS Attacks
Reflection of the Exploit
Countermeasures for Reflected DoS
DDoS Countermeasures
Defensive Tool: Zombie Zapper
Worms: Slammer and MyDoom.B

Lesson 9: Social Engineering

What is Social Engineering?
Art of Manipulation
Human Weakness
Common Types of Social Engineering
Human Based Impersonation
Example of social engineering
Computer Based Social Engineering
Reverse Social Engineering
Policies and procedures
Security Policies-checklist

Lesson 10: Session Hijacking

Understanding Session Hijacking
Spoofing vs Hijacking
Steps in Session Hijacking
Types of Session Hijacking
TCP Concepts 3 Way Handshake
Sequence numbers
Remote TCP Session Reset Utility
Dangers Posed by Session Hijacking
Protection against Session Hijacking
Countermeasures: IP Security

Lesson 11: Hacking Web Servers

How Web Servers Work?
How are Web Servers Compromised?
Popular Web Servers and Common Security Threats
Apache Vulnerability
Attack against IIS
IIS Components
Sample Buffer Overflow Vulnerabilities
Code Red and ISAPI.DLL Exploit
Unicode Directory Traversal Vulnerability
Msw 3prt IPP Vulnerability
IPP Buffer Overflow Countermeasures
Unspecified Executed Path Vulnerability
File System Traversal Countermeasures
WebDAV/ ntdll.dll Vulnerability
RPCDCOM Vulnerability
ASN Exploits
IIS Logs
Network Tool: Log Analyzer
Hacking Tool: Clean IISLog
Escalating Privileges on IIS
Microsoft IIS 5.0 - 5.1 remote denial of service Exploit Tool
Microsoft Frontpage Server Extensions fp30reg.dll Exploit Tool
GDI+ JPEG Remote Exploit Tool
Windows Task Scheduler Exploit Tool
Microsoft Windows POSIX Subsystem Local Privilege Escalation Exploit Tool
Hot Fixes and Patches
Vulnerability Scanners
Network Tools
Increasing Web Server Security

Lesson 12: Web Application Vulnerabilities

Web Application Set-up
Web Application Hacking
Anatomy of an Attack
Web Application Threats
Cross Site Scripting/XSS Flaws
SQL Injection
Command Injection Flaws
Cookie/Session Poisoning
Parameter/Form Tampering
Buffer Overflow
Directory Traversal/Forceful Browsing
Cryptographic Interception
Authentication Hijacking
Log Tampering
Error Message Interception
Attack Obfuscation
Platform Exploits
Internet Explorer Exploits
DMZ Protocol Attacks
Security Management Exploits
Web Services Attacks
Zero Day Attacks
Network Access Attacks
TCP Fragmentation
Hacking Tools:
Burp: Positioning Payloads
Burp: Configuring Payloads and Content Enumeration
Burp Proxy: Intercepting HTTP/S Traffic
Burp Proxy: Hex-editing of Intercepted Traffic
Burp Proxy: Browser Access to Request History
Google Hacking

Lesson 13: Web Based Password Cracking Techniquesq

Authentication- Definition
Authentication Mechanisms
HTTP Authentication
Basic Authentication
Digest Authentication
Integrated Windows (NTLM) Authentication
Negotiate Authentication
Certificate-based Authentication
Forms-based Authentication
Microsoft Passport Authentication
What is a Password Cracker?
Modus Operandi of an Attacker using Password Cracker
How does a Password Cracker work?
Attacks- Classification
Password Guessing
Query String
Dictionary Maker

Lesson 14: SQL Injection

Attacking SQL Servers
SQL Server Resolution Service (SSRS)
Osql-L Probing
Port Scanning
Sniffing, Brute Forcing and finding Application Configuration Files
Database Scanner
Input Validation Attack
Login Guessing & Insertion
Shutting Down SQL Server
Extended Stored Procedures
SQL Server Talks
Preventive Measures

Lesson 15: Hacking Wireless Networks

Introduction to Wireless Networking
Business and Wireless Attacks
Wireless Basics
Components of Wireless Network
Types of Wireless Network
Setting up WLAN
Detecting a Wireless Network
How to access a WLAN
Advantages and Disadvantages of Wireless Network
Access Point Positioning
Rogue Access Points
What is Wireless Equivalent Privacy (WEP)?
WEP Tool:
Related Technology and Carrier Networks
MAC Sniffing and AP Spoofing
Denial of Service Attacks
Man-in-the-Middle Attack (MITM)
Multi Use Tool: THC-RUT
Tool: WinPcap
Auditing Tool: bsd-airtools
WIDZ- Wireless Detection Intrusion System
Securing Wireless Networks
Out of the box Security
Radius: Used as Additional layer in security
Maximum Security: Add VPN to Wireless LAN

Lesson 16: Virus and Worms

Virus Characteristics
Symptoms of ‘virus-like’ attack
What is a Virus Hoax?
How is a worm different from virus?
Indications of a Virus Attack
Virus History
Virus damage
Effect of Virus on Business
Access Methods of a Virus
Mode of Virus Infection
Life Cycle of a virus
What Virus Infect?
How virus infect?
Writing a simple virus program.
Writing DDOS Zombie Virus
Virus Construction Kits
Virus Creation Scripts
Virus Detection Methods
Virus Incident Response
What is Sheep Dip?
Prevention is better than Cure
Anti-Virus Software
Popular Anti-Virus packages
Virus Analyzers

Lesson 17: Physical Security

Security statistics
Physical Security breach incidents
Understanding Physical Security
What is the need of Physical Security?
Who is Accountable for Physical Security?
Factors affecting Physical Security
Physical Security checklist
Company surroundings
Workstation Area
Wireless Access Points
Other Equipments such as fax, removable media etc
Access Control
Computer Equipment Maintenance
Remote access
Lock Picking Techniques
Spying Technologies

Lesson 18: Linux Hacking

Why Linux?
Linux basics
Why is Linux Hacked?
Linux Vulnerabilities in 2003
How to apply patches to vulnerable programs
Scanning Networks
Password cracking in Linux.
ipchains vs. ipfwadm
How to Organize Firewall Rules
Security Auditor’s Research Assistant (SARA)
TCP Wrappers
Linux Loadable Kernel Modules
Rootkit countermeasures:
Advanced Intrusion Detection System (AIDE)
Linux Security testing tools
Linux tools: Log and traffic monitors:
Linux Security Auditing Tool (LSAT)
Linux Security countermeasures

Lesson 19: Evading Firewalls, IDS and Honeypots

Intrusion Detection Systems
Ways to Detect Intrusion
Types of Intrusion Detection System
Intrusion Detection Tools
Steps to perform after an IDS detects an intrusion
Evading IDS systems
Tools to Evade IDS
Introduction to Firewalls
Firewall Identification
Banner Grabbing
Breaching Firewalls
Placing Backdoors through Firewalls
Hiding Behind Covert Channel: Loki
ACK tunneling
Tools for testing IDS and Firewalls
Introduction to Honeypots
Honeypot Project
Types of Honeypots
Honeypot: Specter
Honeypot: Honeyd
Honeypot: KFSensor
Hacking Tool: Sebek
Tools to Detect Honeypot
Send-Safe Honeypot Hunter
Nessus Security Scanner

Lesson 20: Buffer Overflows

Significance of Buffer Overflow Vulnerability
Why are Programs/Applications Vulnerable?
Buffer Overflows
Reasons for Buffer Overflow Attacks
Knowledge required writing Buffer Overflow Exploits
How a Buffer Overflow occurs?
Understanding Stacks
Stack Implementation
Stack based buffer overflow
Heap Based buffer overflow
How to detect Buffer Overflows in a Program?
Attacking a real program
How to mutate a Buffer Overflow Exploit? featuring ADMutate
Return Address Defender (RAD)
Immunix System
Vulnerability Search - ICAT

Lesson 21: Cryptography

Public-key Cryptography
Working of Encryption
Digital Signature
Digital Certificate
RSA (Rivest Shamir Adleman)
RSA Attacks
Brute forcing RSA factoring
Esoteric attack
Chosen cipher text attack
Low encryption exponent attack
Error analysis
Other attacks
SHA (Secure Hash Algorithm)
SSL (Secure Socket Layer)
What is SSH?
Government Access to Keys (GAK)
RSA Challenge
PGP (Pretty Good Privacy)
Code Breaking Methodologies
Using Brute Force
Frequency Analysis
Trickery and Deceit
One-Time Pad
Cryptography Attacks
Disk Encryption
Cracking S/MIME Encryption using idle CPU Time
Command Line Scriptor

Lesson 22: Penetration Testing - Part 1

Need for a Methodology
Penetration Test vs. Vulnerability Test
Reliance on Checklists and Templates
Phases of Penetration Testing
Passive Reconnaissance
Best Practices
Results that can be expected
Indicative passive reconnaissance steps include (but are not limited to)
Introduction to Penetration Testing
Type of Penetration Testing Methodologies
Open Source Vs Proprietary Methodologies
Security Assessment Vs Security Auditing
Risk Analysis
Types of Penetration Testing
Types Ethical Hacking
Vulnerability Assessment Vs Penetration Testing
Do-it Yourself Testing
Firms Offering Penetration Testing Services
Penetration Testing Insurance
Explication of Terms of Engagement
Pen-Test Service Level Agreements
Offer of Compensation
Starting Point and Ending Points of Testing
Penetration Testing Locations
Black Box Testing
White Box Testing
Grey Box Testing
Manual Penetration Testing
Automated Penetration Testing
Selecting the Right Tools
Pen Test Using Appscan
Evaluating Different Types of Pen-Test Tools
Platform on Which Tools Will be Used
Asset Audit
Fault Tree and Attack Trees
GAP Analysis
Device Inventory
Perimeter Firewall Inventory
Web Server Inventory
Load Balancer Inventory
Local Area Network Inventory
Demilitarized Zone Firewall
Internal Switch Network Sniffer
Application Server Inventory
Database Server Inventory
Name Controller and Domain Name Server
Physical Security
ISP Routers
Legitimate Network Traffic Threat
Unauthorized Network Traffic Threat
Unauthorized Running Process Threat
Loss of Confidential Information
Business Impact of Threat
Pre-testing Dependencies
Post-testing Dependencies
Failure Management
Test Documentation Processes
Penetration Testing Tools
Defect Tracking Tools
Configuration Management Tools
Disk Replication Tools
Pen-Test Project Scheduling Tools
Network Auditing Tools
DNS Zone Transfer Testing Tools
Trace Route Tools and Services
Network Sniffing Tools
Denial of Service Emulation Tools
Traditional Load Testing Tools
System Software Assessment Tools
Operating System Protection Tools
Fingerprinting Tools
Port Scanning Tools
Directory and File Access Control Tools
File Share Scanning Tools
Password Directories
Password Guessing Tools
Link Checking Tools
Web site Crawlers
Web-Testing based Scripting Tools
Buffer Overflow Protection Tools
Buffer Overflow Generation Tools

Lesson 23: Penetration Testing - Part 2

Input Data Validation Tools
File encryption Tools
Database Assessment Tools
Keyboard Logging and Screen Reordering Tools
System Event Logging and Reviewing Tools
Tripwire and Checksum Tools
Mobile-Code Scanning Tools
Centralized Security Monitoring Tools
Web Log Analysis Tools
Forensic Data and Collection Tools
Security Assessment Tools
Multiple OS Management Tools
SANS Institute TOP 20 Security Vulnerabilities
All Operating System Platforms
Default installs of operating systems and applications
Accounts with no passwords or weak passwords
Nonexistent or incomplete backups
Large number of open ports
Not filtering packets for correct incoming and outgoing addresses
Nonexistent or incomplete logging
Vulnerable Common Gateway Interface (CGI) programs
Unicode vulnerability-Web server folder traversal
Internet server application programming interface (ISAPI) extension buffer overflows
IIS Remote Data Services (RDS) exploit
Network Basic Input Output System (NetBIOS), unprotected Windows networking shares
Information leakage via null session connections
Weak hashing in SAM (Security Accounts Manager)-LanManager hash
Buffer overflows in Remote Procedure Call (RPC) services
Sendmail vulnerabilities
Bind weaknesses
Remote system command (such as rcp, rlogin, and rsh) vulnerabilities
Line Printer Daemons (LPD) vulnerabilities
Sadmind and mountd exploits
Default Simple Network Management Protocol (SNMP) strings
Penetration Testing Deliverable Templates
Test Status Report Identifier
Test Variances
Test Comprehensive Assessment
Summary of Results (Incidents)
Test Evaluation
Names of Persons (Approval)
Template Test Incident Report
Template Test Log
Active Reconnaissance
Attack Phase
Activity: Perimeter Testing
Activity: Web Application Testing – I
Activity: Web Application Testing – II
Activity: Wireless Testing
Activity: Acquiring Target
Activity: Escalating Privileges
Activity: Execute, Implant & Retract
Post Attack Phase & Activities
Automated Penetration Testing Tool - CORE Impact

Seminar Summary:

This class will immerse the student into an interactive environment where they will be shown how to scan, test, hack and secure their own systems. Students then learn how intruders escalate privileges and what steps can be taken to secure a system. (see full course description)

print this agenda print agenda for the Certified Ethical Hacker training seminar

 view dates and locations for this seminar


 New Horizons training and seminar course catalog

Click any title to view upcoming New Horizons training event dates and locations, class syllabus and other seminar details





  Also try the advanced seminar search tool

   FindaSeminar HomeComputer Training

unix training
training classes

 © 2002-2018 FindaSeminar.com™ All Rights Reserved.  Terms of Use |  Privacy Policy |  Training News Network