introduction to ethical hacking - seco-institute.org · in general •the ethical hacking...
TRANSCRIPT
![Page 1: Introduction to Ethical Hacking - seco-institute.org · In General •The Ethical Hacking Practitioner course is the second level of the Certified Ethical Hacking Officer certification](https://reader030.vdocuments.site/reader030/viewer/2022021609/5c8ac97f09d3f232478cea75/html5/thumbnails/1.jpg)
Introduction to Ethical Hacking
General Introduction to Ethical Hacking Practitioner
![Page 2: Introduction to Ethical Hacking - seco-institute.org · In General •The Ethical Hacking Practitioner course is the second level of the Certified Ethical Hacking Officer certification](https://reader030.vdocuments.site/reader030/viewer/2022021609/5c8ac97f09d3f232478cea75/html5/thumbnails/2.jpg)
General Introductionto Ethical Hacking Practitioner
![Page 3: Introduction to Ethical Hacking - seco-institute.org · In General •The Ethical Hacking Practitioner course is the second level of the Certified Ethical Hacking Officer certification](https://reader030.vdocuments.site/reader030/viewer/2022021609/5c8ac97f09d3f232478cea75/html5/thumbnails/3.jpg)
General Information
3General Introduction to Ethical Hacking Practitioner
![Page 4: Introduction to Ethical Hacking - seco-institute.org · In General •The Ethical Hacking Practitioner course is the second level of the Certified Ethical Hacking Officer certification](https://reader030.vdocuments.site/reader030/viewer/2022021609/5c8ac97f09d3f232478cea75/html5/thumbnails/4.jpg)
4
SECO-Institute Cyber Security & Governance Certification Program
General Introduction to Ethical Hacking Practitioner
![Page 5: Introduction to Ethical Hacking - seco-institute.org · In General •The Ethical Hacking Practitioner course is the second level of the Certified Ethical Hacking Officer certification](https://reader030.vdocuments.site/reader030/viewer/2022021609/5c8ac97f09d3f232478cea75/html5/thumbnails/5.jpg)
In General
• The Ethical Hacking Practitioner course is the second level of the Certified Ethical Hacking Officer certification track.
• This course will allow you to acquire intermediate-level Ethical Hacking skills. You will familiarise yourself with such techniques as analysingnetwork traffic, hacking wireless networks, scanning networks, and penetrating computer systems and websites. The course offers a perfect mix of theory and practice, where practical examples are illuminated with case studies.
5General Introduction to Ethical Hacking Practitioner
![Page 6: Introduction to Ethical Hacking - seco-institute.org · In General •The Ethical Hacking Practitioner course is the second level of the Certified Ethical Hacking Officer certification](https://reader030.vdocuments.site/reader030/viewer/2022021609/5c8ac97f09d3f232478cea75/html5/thumbnails/6.jpg)
Learning Objectives
•Students know what steps to take in the preparation and execution of a hack (pentest)
•Students are able to use open and closed sources to gain intelligence on a target
•Students are able to gather intelligence by scanning (network, footprinting & vulnerability)
•Students know how to verify the vulnerabilities found
•Students understand the PKI and possible attack vectors
6General Introduction to Ethical Hacking Practitioner
![Page 7: Introduction to Ethical Hacking - seco-institute.org · In General •The Ethical Hacking Practitioner course is the second level of the Certified Ethical Hacking Officer certification](https://reader030.vdocuments.site/reader030/viewer/2022021609/5c8ac97f09d3f232478cea75/html5/thumbnails/7.jpg)
Course Topics
•The course consists of 8 topics, a recapitulation module and a lab exercise (Capture the Flag)
•Module 1: Introduction to Ethical Hacking Practitioner
•Module 2: Reconnaissance and Intelligence Gathering
•Module 3: Infrastructure Security Part I
•Module 4: Infrastructure Security Part II
•Module 5: Web Applications I
•Module 6: Web Applications II
7General Introduction to Ethical Hacking Practitioner
![Page 8: Introduction to Ethical Hacking - seco-institute.org · In General •The Ethical Hacking Practitioner course is the second level of the Certified Ethical Hacking Officer certification](https://reader030.vdocuments.site/reader030/viewer/2022021609/5c8ac97f09d3f232478cea75/html5/thumbnails/8.jpg)
Course Topics
•Module 7: Systems and Applications
•Module 8: Exploiting Buffer Overflows
• Recapitulation
• Capture the Flag
•Note: Capture the Flag is a practical exercise that makes up 30% of your final examination score. Your CtF results should be saved as a text file and be uploaded to the online examination environment as part of your exam
8General Introduction to Ethical Hacking Practitioner
![Page 9: Introduction to Ethical Hacking - seco-institute.org · In General •The Ethical Hacking Practitioner course is the second level of the Certified Ethical Hacking Officer certification](https://reader030.vdocuments.site/reader030/viewer/2022021609/5c8ac97f09d3f232478cea75/html5/thumbnails/9.jpg)
Course Material
9General Introduction to Ethical Hacking Practitioner
![Page 10: Introduction to Ethical Hacking - seco-institute.org · In General •The Ethical Hacking Practitioner course is the second level of the Certified Ethical Hacking Officer certification](https://reader030.vdocuments.site/reader030/viewer/2022021609/5c8ac97f09d3f232478cea75/html5/thumbnails/10.jpg)
Structure of the Course
• The course material is made up of:
•One slide deck per course module (both notes and tablet version)
• Each module consists of:
• An introduction including a description of the learning objectives
• A graphical depiction of the course structure and/or a brief content overview
• Theory mixed with practice questions or a case study
• A concluding summary
• A Goody Bag with additional information, recommended literature, etc.
10General Introduction to Ethical Hacking Practitioner
![Page 11: Introduction to Ethical Hacking - seco-institute.org · In General •The Ethical Hacking Practitioner course is the second level of the Certified Ethical Hacking Officer certification](https://reader030.vdocuments.site/reader030/viewer/2022021609/5c8ac97f09d3f232478cea75/html5/thumbnails/11.jpg)
Version number
• The version number of the course material can be found at the back cover of each slide deck.
• The version number of this course is EHP-EN-2018-01a
11General Introduction to Ethical Hacking Practitioner
![Page 12: Introduction to Ethical Hacking - seco-institute.org · In General •The Ethical Hacking Practitioner course is the second level of the Certified Ethical Hacking Officer certification](https://reader030.vdocuments.site/reader030/viewer/2022021609/5c8ac97f09d3f232478cea75/html5/thumbnails/12.jpg)
Icons Used in Course Material
12
• Essential information students must know for the exam
• Useful information that will be briefly discussed but is not part of the exam
• Homework that will not be covered in class but is part of the exam
• Definition
• Goody Bag: useful links, literature, etc.
• Region-specific information
• The lack of an icon doesn’t mean the given material is not part of the exam. It still is!
General Introduction to Ethical Hacking Practitioner
![Page 13: Introduction to Ethical Hacking - seco-institute.org · In General •The Ethical Hacking Practitioner course is the second level of the Certified Ethical Hacking Officer certification](https://reader030.vdocuments.site/reader030/viewer/2022021609/5c8ac97f09d3f232478cea75/html5/thumbnails/13.jpg)
13General Introduction to Ethical Hacking Practitioner
![Page 14: Introduction to Ethical Hacking - seco-institute.org · In General •The Ethical Hacking Practitioner course is the second level of the Certified Ethical Hacking Officer certification](https://reader030.vdocuments.site/reader030/viewer/2022021609/5c8ac97f09d3f232478cea75/html5/thumbnails/14.jpg)
Bicsma BV
• SECO-Institute uses the fictional business Bicsma in its exercises
• Bicsma is a fictional organisation created to provide context for the case studies and practical exercises in the courses of the SECO-Institute.
• Information about the Bicsma BV organisation model can be found at http://www.bicsma.com. The username is bicsma and the password is training
14General Introduction to Ethical Hacking Practitioner
![Page 15: Introduction to Ethical Hacking - seco-institute.org · In General •The Ethical Hacking Practitioner course is the second level of the Certified Ethical Hacking Officer certification](https://reader030.vdocuments.site/reader030/viewer/2022021609/5c8ac97f09d3f232478cea75/html5/thumbnails/15.jpg)
Bicsma BV – Welcome!
15
http://www.bicsma.com
General Introduction to Ethical Hacking Practitioner
![Page 16: Introduction to Ethical Hacking - seco-institute.org · In General •The Ethical Hacking Practitioner course is the second level of the Certified Ethical Hacking Officer certification](https://reader030.vdocuments.site/reader030/viewer/2022021609/5c8ac97f09d3f232478cea75/html5/thumbnails/16.jpg)
Examination
16General Introduction to Ethical Hacking Practitioner
![Page 17: Introduction to Ethical Hacking - seco-institute.org · In General •The Ethical Hacking Practitioner course is the second level of the Certified Ethical Hacking Officer certification](https://reader030.vdocuments.site/reader030/viewer/2022021609/5c8ac97f09d3f232478cea75/html5/thumbnails/17.jpg)
Examination
• SECO-Institute allows you to take exams online. Our online examination system allows you to book your exam and take it at any place convenient to you.
• You can book your exam at the SECO-Institute website https://www.seco-institute.org/certification-exams/how-to-book
•When selecting your exam, make sure you select the 2018 version
• Exam results are communicated one month after completion of the exam
• You will receive your certificate after the results have been published
17General Introduction to Ethical Hacking Practitioner
![Page 18: Introduction to Ethical Hacking - seco-institute.org · In General •The Ethical Hacking Practitioner course is the second level of the Certified Ethical Hacking Officer certification](https://reader030.vdocuments.site/reader030/viewer/2022021609/5c8ac97f09d3f232478cea75/html5/thumbnails/18.jpg)
Exam Regulations
• Pass mark: 60% out of 100%
•Open book/notes: no
• The exam regulations can be found on the SECO-Institute website: https://www.seco-institute.org/certification-exams/how-to-register
• Time allotted for the exam: 2 hours
•Number of questions:
• 10 Multiple choice: 3 points per question
• 5 Open questions: 8 points per question
• The last lab exercise makes up 30% of the final examination score, thus results should be saved as a text file. These file should be uploaded to the online examination environment.
18General Introduction to Ethical Hacking Practitioner
![Page 19: Introduction to Ethical Hacking - seco-institute.org · In General •The Ethical Hacking Practitioner course is the second level of the Certified Ethical Hacking Officer certification](https://reader030.vdocuments.site/reader030/viewer/2022021609/5c8ac97f09d3f232478cea75/html5/thumbnails/19.jpg)
Certification
19General Introduction to Ethical Hacking Practitioner
![Page 20: Introduction to Ethical Hacking - seco-institute.org · In General •The Ethical Hacking Practitioner course is the second level of the Certified Ethical Hacking Officer certification](https://reader030.vdocuments.site/reader030/viewer/2022021609/5c8ac97f09d3f232478cea75/html5/thumbnails/20.jpg)
Certification
•Upon successful completion of your exam, you can claim your certification title at the SECO-Institute
20General Introduction to Ethical Hacking Practitioner
![Page 21: Introduction to Ethical Hacking - seco-institute.org · In General •The Ethical Hacking Practitioner course is the second level of the Certified Ethical Hacking Officer certification](https://reader030.vdocuments.site/reader030/viewer/2022021609/5c8ac97f09d3f232478cea75/html5/thumbnails/21.jpg)
Certification
• The SECO-Institute issues 3 types of certification titles:
• SECO-Institute Practitioner certification titles: Upon successful completion of a Practitioner exam, you can claim the Practitioner title.
• SECO-Institute Expert certification titles: Upon successful completion of an Expert exam, you can claim the Expert title.
• SECO-Institute Certified Officer certification titles: In the possession of an expert-level certification, you can apply for the highest-level qualification: the Certified Officer certification. This certification does not only require students to possess (at least expert-level) subject knowledge but also a minimum of 3 years of full-time work experience.
• https://www.seco-institute.org/claim-your-title
21General Introduction to Ethical Hacking Practitioner
![Page 22: Introduction to Ethical Hacking - seco-institute.org · In General •The Ethical Hacking Practitioner course is the second level of the Certified Ethical Hacking Officer certification](https://reader030.vdocuments.site/reader030/viewer/2022021609/5c8ac97f09d3f232478cea75/html5/thumbnails/22.jpg)
22Module 3: Infrastructure Security Part I
EHP-EN-2018-01a