This course will introduce students to an interactive environment where they will be shown how to scan, test, hack and secure their own systems. The lab-intensive environment gives each student in-depth knowledge and practical experience with the current essential security systems. Students will begin by understanding how perimeter defenses work and then be led into scanning and attacking their own networks; no real network is harmed. Students then learn how intruders escalate privileges and what steps can be taken to secure a system. Students will also learn about Intrusion Detection, Policy Creation, Social Engineering, DDoS Attacks, Buffer Overflows and Virus Creation. When students leave this intensive 5-day class they will have hands-on understanding and experience in Ethical Hacking.
This course prepares you for the EC-Council Certified Ethical Hacker exam 312-50.
Learn More about the Certified Ethical Hacker Course
Who Should Attend
These statistics may be alarming, but the actual state of computer security may be worse than the statistics suggest. Many organizations are still not equipped to detect security breaches. Only 61 percent (up from 50 percent in 2000) of those polled in the certified ethical hacker survey reported using intrusion detection. Thus, it is likely the actual number of attacks and losses are greater than those reported. While it appears that organizations are starting to implement more security controls, security incidents and losses continue to grow. This could be due to the fact that the security products are not implemented correctly or that the proper policies and procedures are not built around them. In the 2001 certified ethical hacker director, provided this insight on why incidents and loss continue to grow:
Duration:
5 days (9:00 – 5:00)
Certification
The Certified Ethical Hacker certification exam 312-50 will be conducted on the last day of training. Students need to pass the online Prometric exam to receive CEH certification.
Resources
To further your studies, you should check out the Network Security Archive.
Despite this new publicity, many users and senior managers still do not fully understand the magnitude of the threat. Without the support of the end users, system administrators constantly have to defend against security holes inadvertently opened by the users. Additionally, without the support of management, security and system administrators cannot obtain the resources they need to protect the company. This puts the technical staff in a difficult position when trying to obtain the full support of the organization to defend against the threat. Sometimes numbers speak louder than words to show an organization's exposure to risk and to gain the support of management.
Frequently we have to convince clients that information systems security is necessary and that the threat from hackers is substantial enough to invest in proactive security measures. Since there is no quantifiable measurement of successful security tactics (other than not being hacked), it is difficult to gain support for a security project. Also, unrealistic expectations of the cost of effective security or overreliance on one or two security systems can be a fatal flaw in the network.
There are two large problems security and system administrators need to overcome. First, management often believes that the computer security threat is not a great enough risk to justify funds for protective measures. Second, there is a general misunderstanding of how complex the problem of computer security really is and how many resources are required to adequately defend against attacks. For example, firewalls are necessary components of a security architecture, but firewalls alone do not protect networks. An improperly configured firewall or a firewall without other security measures in place can be worse than an open system if it provides the company with a false sense of security.
An information security consultant typically tries to help organizations become safer and more secure from hackers. They are usually individuals with a technology-related degree or equivalent technical experience gained either professionally or as a hobby. They likely have a large collection of licensed security tools (commercial, freeware, or shareware), are familiar with all of them, have a user-level understanding of a majority of them, and are extensively experienced with the workings of one or two favorite tools in each tool category. For example, they may have a favorite port scanner, a favorite war dialer, and a favorite vulnerability scanner that they use in their penetration-testing engagements.
An information security consultant does not need to have a programmer's understanding of a network in order to be effective at performing a comprehensive analysis of a network's security posture. A consultant is most likely a member of the middle tier of hackers in terms of experience and skill. Many of the better consultants started with system administration positions.
A consultant must have a sufficient tool set and a reliable methodology for pe
Source: Hack IT: Security Through Penetration Testing