Wir verwenden Cookies, um unsere Webseite für Sie möglichst benutzerfreundlich zu gestalten. Durch die Nutzung dieser Website akzeptieren Sie den Einsatz unserer Cookies. Datenschutzerklärung

Seminar

Wien, Österreich

EC-Council Certified Security Analyst v9 (ECSA)

unverbindliche Terminanfrage
Zertifizierung
Zertifikat nach erfolgreicher Teilnahme
Termine folgen.
ANFRAGEN
Stellen Sie eine unverbindliche Anfrage direkt an den Anbieter um weitere Informationen zu erhalten.
4.200,00
Gesamtbetrag inkl. 20% Ust.
… jetzt mit Ratenzahlung

Beschreibung


  1. Need for Security Analysis


    1. Computer Security Concerns

    2. Information Security Measures

    3. Risk Analysis

    4. Hardening Security

    5. Security Policies

    6. Sample Policies

    7. Information Security Standards

    8. Information Security Acts and Laws


  2. TCP/IP Packet Analysis


    1. Introduction to TCP/IP

    2. TCP/IP Connection

    3. Introduction to IPv6

    4. TCP/IP Security

    5. Internet Control Message Protocol (ICMP)

    6. TCP/IP in Mobile Communications


  3. Penetration Testing Methodologies


    1. Introduction to Penetration Testing

    2. Types of Penetration Testing

    3. Phases of Penetration Testing

    4. Penetration Testing Consultants

    5. Ethics of a Licensed Penetration Tester

    6. Communication Skills of a Penetration Tester

    7. LPT Audited Logos


  4. Customers and Legal Agreements


    1. Why Do Organizations Need Pen Testing?

    2. Penetration Testing ‘Rules of Behavior’

    3. Legal Issues in Penetration Testing

    4. How Much to Charge?


  5. Rules of Engagement


    1. Rules of Engagement (ROE)

    2. Clauses in ROE

    3. Steps for Framing ROE


  6. Penetration Testing Planning and Scheduling


    1. Test Plan and Its Purpose

    2. Content of a Test Plan

    3. Building a Penetration Test Plan

    4. Test Plan Identifier

    5. Test Deliverables

    6. Penetration Testing Planning Phase Define the Pen Testing Scope

    7. Staffing

    8. Kickoff Meeting

    9. Develop the Project Plan


  7. Pre-penetration Testing Steps


    1. Pre-penetration Testing Steps


  8. Information Gathering


    1. What Is Information Gathering?

    2. Information Gathering Terminologies

    3. Information Gathering Steps


  9. Vulnerability Analysis


    1. What Is Vulnerability Assessment?

    2. Why Assessment

    3. Vulnerability Classification

    4. Types of Vulnerability Assessment

    5. How to Conduct a Vulnerability Assessment

    6. How to Obtain a High Quality Vulnerability Assessment

    7. Vulnerability Assessment Phases

    8. Vulnerability Analysis Stages

    9. Comparing Approaches to Vulnerability Assessment

    10. Characteristics of a Good Vulnerability Assessment Solution

    11. Vulnerability Assessment Considerations

    12. Vulnerability Assessment Reports

    13. Vulnerability Report Model

    14. Timeline

    15. Types of Vulnerability Assessment Tools

    16. Choosing a Vulnerability Assessment Tool

    17. Criteria for Choosing a Vulnerability Assessment Tool

    18. Best Practices for Vulnerability Assessment Tools

    19. Vulnerability Assessment Tools

    20. Report

    21. Vulnerability Analysis Chart


  10. External Penetration Testing


    1. External Intrusion Test and Analysis

    2. Why Is It Done?

    3. Client Benefits

    4. External Penetration Testing

    5. Steps for Conducting External Penetration Testing

    6. Recommendations to Protect Your System from External Threats


  11. Internal Network Penetration Testing


    1. Internal Testing

    2. Steps for Internal Network Penetration Testing

    3. Recommendations for Internal Network Penetration Testing+


  12. Firewall Penetration Testing


    1. What Is a Firewall?

    2. What Does a Firewall Do?

    3. Packet Filtering

    4. What Can’t a Firewall Do?

    5. How Does a Firewall Work?

    6. Firewall Logging Functionality

    7. Firewall Policy

    8. Periodic Review of Information Security Policies

    9. Firewall Implementation

    10. Build a Firewall Ruleset

    11. Maintenance and Management of Firewall

    12. Hardware Firewall

    13. Software Firewall

    14. Types of Firewalls

    15. Firewall Penetration Testing Tool: Firewall Test Agent

    16. Firewall Penetration Testing Tools

    17. Firewall Ruleset Mapping

    18. Best Practices for Firewall Configuration

    19. Steps for Conducting Firewall Penetration Testing

    20. Document Everything


  13. IDS Penetration Testing


    1. Introduction to IDS

    2. Application-based IDS

    3. Multi-Layer Intrusion Detection Systems

    4. Multi-Layer Intrusion Detection System Benefits

    5. Wireless Intrusion Detection Systems (WIDSs)

    6. Common Techniques Used to Evade IDS Systems

    7. IDS Penetration Testing Steps

    8. Recommendations for IDS Penetration Testing


  14. Password Cracking Penetration Testing


    1. Password - Terminology

    2. Importance of Passwords

    3. Password Types

    4. Common Password Vulnerabilities

    5. Password Cracking Techniques

    6. Types of Password Attacks

    7. How Are Passwords Stored in Windows?

    8. LM Authentication

    9. NTLM Authentication

    10. Kerberos Authentication

    11. LM, NTLMv1, and NTLMv2

    12. How Are Passwords Stored in Linux?

    13. Steps for Password Cracking Penetration Testing


  15. Social Engineering Penetration Testing


    1. What Is Social Engineering?

    2. Social Engineering Pen Testing

    3. Impact of Social Engineering on the Organization

    4. Common Targets of Social Engineering

    5. Requirements of Social Engineering

    6. Steps in Conducting Social Engineering Penetration Test


  16. Web Application Penetration Testing


    1. Introduction to Web Applications

    2. Web Application Components

    3. Web App Pen Testing Phases

    4. Testing for Web Server Vulnerabilities

    5. Testing Configuration Management

    6. Testing for Client-side Vulnerabilities

    7. Testing Authentication Mechanism

    8. Testing Session Management Mechanism

    9. Testing Authorization Controls

    10. Testing Data Validation Mechanism

    11. Testing Web Services

    12. Testing for Logic Flaws


  17. SQL Penetration Testing


    1. Introduction to SQL Injection

    2. How Do Web Applications Work?

    3. How Does SQL Injection Work?

    4. SQL Injection Attack Paths

    5. Impact of SQL Injection Attacks

    6. Types of SQL Injection Attacks

    7. SQL Injection Attack Characters

    8. SQL Injection Cheat Sheet

    9. SQL Injection Penetration Testing Steps

    10. Best Practices to Prevent SQL Injection


  18. Penetration Testing Reports and Post Testing Actions


    1. Penetration Testing Deliverables

    2. Writing Pen Testing Report

    3. Pen Testing Report Format

    4. Result Analysis

    5. Post Testing Actions

    6. Report Retention


  19. Self-Study Module


    1. Router and Switches Penetration Testing

    2. Wireless Network Penetration Testing

    3. Denial-of Service

    4. Stolen Laptop, PDA's, Cell Phones Penetration Testing

    5. Source Code Penetration Testing

    6. Physical Security Penetration Testing

    7. Surveillance Camera Penetration Testing

    8. Database Penetration Testing

    9. VoILP Penetration Testing

    10. VPN Penetration Testing

    11. Cloud Penetration Testing

    12. Virtual Machine Penetration Testing

    13. War Dialing

    14. Virus and Trojan Detection

    15. Log Management Penetration Testing

    16. File Integrity Checking

    17. Mobile Devices Penetration Testing

    18. Telecommunication and Broadband Communication Penetration Testing

    19. Email Security Penetration Testing

    20. Security Patches Penetration Testing

    21. Data Leakage Penetration Testing

    22. SAP Penetration Testing

    23. Standards and Compliance

    24. Information System Security Principles

    25. Information System Incident Handling and Response

    26. Information System Auditing and Certification



Ziele

Im fünftägigen EC-Council Certified Security Analyst (ECSA) Kurs lernen Sie, sich als Penetration Tester zu spezialisieren. Der interaktive und praxisnahe Kurs verwendet EC-Council iLabs und bringt Ihnen bei, Penetration Tests durchzuführen, indem eine realistische Security Umgebung simuliert wird. Sie lernen außerdem, wie Sie diese Fähigkeiten bestmöglich einsetzen, um Ihr Unternehmen gegen Angriffe von Aussen zu schützen und zu verteidigen.


Die vermittelten Fähigkeiten als Penetration Tester können in vielen modernen Infrastrukturen, Betriebssystemen und Applikationsumgebungen angewendet werden.


Die Module im Lehrplan umfassen:

  • Analyse von Schwachstellen

  • SQL Penetration Tests

  • Database Penetration Tests

  • Cloud Penetration Tests





Hinweis zu den Seminarzeiten - zum Seminarablauf:

  • der Theorieteil wird jeweils vormittags durchgearbeitet

  • die Theorie wird jeweils am Nachmittag in die Praxis umgesetzt

  • die Seminarzeiten sind Montag bis Freitag jeweils 9:00 - 17:00h

  • es wird täglich ein entsprechender Bericht gefertigt, der am Freitag zusammengefaßt an EC-Council gesendet wird. Dieser Bericht ist notwendig für die Prüfungsanmeldung



DOWNLOAD CERTIFICATION TRACK

Voraussetzungen

Für dieses Seminar werden folgende Kenntnisse empfohlen:

0 Bewertungen

0

0

0

0

0