Title

text name

text name

text name

text name

Title

text name

text name

text name

text name

Hacker Ethique Certifié | Certification CEH


Pour battre un hacker, il faut penser comme tel !

Le Certified Ethical Hacker (CEH) fournit une compréhension approfondie des phases de piratage éthique, des divers vecteurs d’attaque et des contre-mesures préventives. Il vous apprendra comment les pirates pensent et agissent afin que vous soyez mieux placé pour configurer votre infrastructure de sécurité et vous défendre contre les attaques. En fournissant une compréhension des faiblesses et des vulnérabilités du système, le cours CEH aide les étudiants à apprendre à protéger leur organisation et à renforcer leurs contrôles de sécurité afin de minimiser le risque d'attaque malveillante.

CEH a été conçu pour intégrer un environnement pratique et un processus systématique dans chaque domaine et méthodologie de piratage éthique, vous permettant de travailler à prouver les connaissances et les compétences requises pour obtenir le titre CEH et effectuer le travail d'un hacker éthique.

CEH On-Demand iClass Program

Self-Paced Learning, Anytime, Anywhere.

On-Demand Training Includes:
  • CEHv12 Online Self-Paced Streaming Video Course (1 year access)
  • E-Courseware
  • CyberQ Labs (6 months)
  • Certificate of Completion
  • Certification Exam

Achieving the CEH Certification Credential

 

After taking an authorized course, candidates can attempt the CEH exam. Candidates who successfully pass the exam will receive their CEH certificate and membership privileges. After proving knowledge by achieving the CEH credential, candidates have the added option to proceed to attempt the CEH (Practical) exam to prove their skills and abilities. The CEH (Practical) is a 6-hour practical exam created by subject matter experts in the ethical hacking industry. The exam tests skills and abilities in a timed environment across major operating systems, databases, and networks. Candidates with both the CEH and CEH (Practical) certifications are designated as CEH Masters, having validated the full scope of their abilities.

 

CEH (ANSI)

  • Exam Title: Certified Ethical Hacker (ANSI)
  • Exam Code: 312-50 (ECC EXAM), 312-50 (VUE)
  • Number of Questions: 125
  • Test Format: Multiple Choice
  • Duration: 4 Hours
  • Availability: ECC EXAM* / VUE
    • Local proctor for Private and in-person courses.
    • Live remote proctor for online ECC Exam option.

Passing Score: Please refer to https://cert.eccouncil.org/faq.html

Some job roles accessible to CEH certification holders:

 

  • Cyber Security Forensic Analyst
  • Cyber Security Analyst
  • CND Security Specialist
  • CND Fusion Analyst
  • Cyberspace Network Defense (CND) Technician
  • Cyber Red Team Operator
  • Cyber Network Defense (CND) Analyst
  • Cyber Security Forensic Analyst
  • Computer Network Defense Intrusion Analyst
  • Cyber Security Engineer
  • Information Security Engineer
  • CND Cyber Analyst
  • Network Security Engineer
  • Cyber Threat Analyst
  • SOC Security Analyst
  • Information Security Analyst
  • IT Security Compliance Specialist
  • Global Security Assurance Analyst
  • Security Analyst Tier 3
  • Security Operations Analyst
  • Security Incident Response Analyst

About the Certified Ethical Hacker Master

 

To earn the CEH Master certification, you must pass the CEH Practical exam. The CEH Practical Exam was designed to give students a chance to prove they can execute the principles taught in the CEH course. The practical exam requires you to demonstrate the application of ethical hacking techniques such as threat vector identification, network scanning, OS detection, vulnerability analysis, system hacking, and more.

 

The CEH Practical does not contain simulations. Rather, you will be challenging a live range that was designed to mimic a corporate network through the use of live virtual machines, networks, and applications.
 
Successfully navigating and completing the challenges found in the CEH (Practical) Exam is the next step after attaining the Certified Ethical Hacker (CEH) certification. Successfully passing both the CEH exam and the CEH Practical will earn you the additional certification of CEH Master.

 

CEH-RoadtoMaster-2

 

About the Certified Ethical Hacker (CEH) Course

20 Modules that help you master the foundations of Ethical Hacking and prepare to challenge the CEH certification exam.

Modules Key topics covered Objective
Module 1: Introduction to Ethical Hacking Elements of Information Security, Cyber Kill Chain Methodology, MITRE ATT&CK Framework, Hacker Classes, Ethical Hacking, Information Assurance (IA), Risk Management, Incident Management, PCI DSS, HIPPA, SOX, GDPR

Cover the fundamentals of key issues in the information security world, including the basics of ethical hacking, information security controls, relevant laws, and standard procedures.

Module 2: Footprinting & Reconnaissance

Footprinting, Advanced Google Hacking Techniques, Deep and Dark Web Footprinting, Competitive Intelligence Gathering, Website Footprinting, Website Mirroring, Email Footprinting, Whois Lookup, DNS Footprinting, Traceroute Analysis, Footprinting Tools

Learn how to use the latest techniques and tools to perform footprinting and reconnaissance, a critical pre-attack phase of the ethical hacking process.

 

Module 3: Scanning networks Network Scanning, Host Discovery Techniques, Port Scanning Techniques, Service Version Discovery, OS Discovery, Banner Grabbing, OS Fingerprinting, Packet Fragmentation, Source Routing, IP Address Spoofing, Scanning Tools

Cover the fundamentals of key issues in the information security world, including the basics of ethical hacking, information security controls, relevant laws, and standard procedures.

Module 4: Enumeration

Enumeration, NetBIOS Enumeration, SNMP Enumeration, LDAP Enumeration, NTP Enumeration, NFS Enumeration, SMTP Enumeration, DNS Cache Snooping, DNSSEC Zone Walking, IPsec Enumeration, VoIP Enumeration, RPC Enumeration, Unix/Linux User Enumeration, Enumeration Tools

Learn various enumeration techniques, such as Border Gateway Protocol (BGP) and Network File Sharing (NFS) exploits, and associated countermeasures.

 

Module 5: Vulnerability Analysis Enumeration, NetBIOS Enumeration, SNMP Enumeration, LDAP Enumeration, NTP Enumeration, NFS Enumeration, SMTP Enumeration, DNS Cache Snooping, DNSSEC Zone Walking, IPsec Enumeration, VoIP Enumeration, RPC Enumeration, Unix/Linux User Enumeration, Enumeration Tools

Learn various enumeration techniques, such as Border Gateway Protocol (BGP) and Network File Sharing (NFS) exploits, and associated countermeasures.

 

  Module 6: System Hacking

Password Cracking, Password Attacks, Wire Sniffing, Password-Cracking Tools, Vulnerability Exploitation, Buffer Overflow, Privilege Escalation, Privilege Escalation Tools, Keylogger, Spyware, Anti-Keyloggers, Anti-Spyware, Rootkits, Anti-Rootkits, Steganography, Steganography Tools, Steganalysis, Steganography Detection Tools, Maintaining Persistence, Post Exploitation, Clearing Logs, Covering Tracks, Track-Covering Tools

Learn about the various system hacking methodologies—including steganography, steganalysis attacks, and covering tracks—used to discover system and network vulnerabilities.

 

 

  Module 7: Malware Threats Malware, Components of Malware, APT, Trojan, Types of Trojans, Exploit Kits, Virus, Virus Lifecycle, Types of Viruses, Ransomware, Computer Worms, Fileless Malware, Malware Analysis, Static Malware Analysis, Dynamic Malware Analysis, Virus Detection Methods, Trojan Analysis, Virus Analysis, Fileless Malware Analysis, Anti-Trojan Software, Antivirus Software, Fileless Malware Detection Tools

Get an introduction to the different types of malware, such as Trojans, viruses, and worms, as well as system auditing for malware attacks, malware analysis, and countermeasures.

 

 

  Module 8: Sniffing Network Sniffing, Wiretapping, MAC Flooding, DHCP Starvation Attack, ARP Spoofing Attack, ARP Poisoning, ARP Poisoning Tools, MAC Spoofing, STP Attack, DNS Poisoning, DNS Poisoning Tools, Sniffing Tools, Sniffer Detection Techniques, Promiscuous Detection Tools

Learn about packet sniffing techniques and how to use them to discover network vulnerabilities, as well as countermeasures to defend against sniffing attacks.

 

  Module 9: Social Engineering

Social Engineering, Types of Social Engineering, Phishing, Phishing Tools, Insider Threats/Insider Attacks, Identity Theft

 

Learn social engineering concepts and techniques, including how to identify theft attempts, audit human-level vulnerabilities, and suggest social engineering countermeasures.

 

  Module 10: Denial of Service

DoS Attack, DDoS Attack, Botnets, DoS/DDoS Attack Techniques, DoS/DDoS Attack Tools, DoS/DDoS Attack Detection Techniques, DoS/DDoS Protection Tools

 

Learn about different Denial of Service (DoS) and Distributed DoS (DDoS) attack techniques, as well as the tools used to audit a target and devise DoS and DDoS countermeasures and protections.

 

  Module 11: Session Hijacking Session Hijacking, Types of Session Hijacking, Spoofing, Application-Level Session Hijacking, Man-in-the-Browser Attack, Client-side Attacks, Session Replay Attacks, Session Fixation Attack, CRIME Attack, Network Level Session Hijacking, TCP/IP Hijacking, Session Hijacking Tools, Session Hijacking Detection Methods, Session Hijacking Prevention Tools

Understand the various session hijacking techniques used to discover network-level session management, authentication, authorization, and cryptographic weaknesses and associated countermeasures.

 

  Module 12: Evading IDS, Firewalls, and Honeypots Intrusion Detection System (IDS), Intrusion Prevention System (IPS), Firewall, Types of Firewalls, Honeypot, Intrusion Detection Tools, Intrusion Prevention Tools, IDS Evasion Techniques, Firewall Evasion Techniques, Evading NAC and Endpoint Security, IDS/Firewall Evading Tools, Honeypot Detection Tools

Get introduced to firewalls, intrusion detection systems, and honeypot evasion techniques; the tools used to audit a network perimeter for weaknesses; and countermeasures.

 

  Module 13: Hacking Web Servers Web Server Operations, Web Server Attacks, DNS Server Hijacking, Website Defacement, Web Cache Poisoning Attack, Web Server Attack Methodology, Web Server Attack Tools, Web Server Security Tools, Patch Management, Patch Management Tools

Learn about web server attacks, including a comprehensive attack methodology used to audit vulnerabilities in web server infrastructures and countermeasures.

 

  Module 14: Hacking Web Applications Web Application Architecture, Web Application Threats, OWASP Top 10 Application Security Risks – 2021, Web Application Hacking Methodology, Web API, Webhooks, and Web Shell, Web API Hacking Methodology, Web Application Security

Learn about web application attacks, including a comprehensive web application hacking methodology used to audit vulnerabilities in web applications and countermeasures.

 

  Module 15: SQL Injection SQL Injection, Types of SQL injection, Blind SQL Injection, SQL Injection Methodology, SQL Injection Tools, Signature Evasion Techniques, SQL Injection Detection Tools

Learn about SQL injection attack techniques, injection detection tools, and countermeasures to detect and defend against SQL injection attempts.

 

  Module 16: Hacking Wireless Networks Wireless Terminology, Wireless Networks, Wireless Encryption, Wireless Threats, Wireless Hacking Methodology, Wi-Fi Encryption Cracking, WEP/WPA/WPA2 Cracking Tools, Bluetooth Hacking, Bluetooth Threats, Wi-Fi Security Auditing Tools, Bluetooth Security Tools

Learn about wireless encryption, wireless hacking methodologies and tools, and Wi-Fi security tools.

 

  Module 17: Hacking Mobile Platforms Mobile Platform Attack Vectors, OWASP Top 10 Mobile Risks, App Sandboxing, SMS Phishing Attack (SMiShing), Android Rooting, Hacking Android Devices, Android Security Tools, Jailbreaking iOS, Hacking iOS Devices, iOS Device Security Tools, Mobile Device Management (MDM), OWASP Top 10 Mobile Controls, Mobile Security Tools

Learn about mobile platform attack vectors, Android vulnerability exploits, and mobile security guidelines and tools.

 

  Module 18: IoT and OT Hacking IoT Architecture, IoT Communication Models, OWASP Top 10 IoT Threats, IoT Vulnerabilities, IoT Hacking Methodology, IoT Hacking Tools, IoT Security Tools, IT/OT Convergence (IIOT), ICS/SCADA, OT Vulnerabilities, OT Attacks, OT Hacking Methodology, OT Hacking Tools, OT Security Tools

Learn about packet sniffing techniques and how to use them to discover network vulnerabilities, as well as countermeasures to defend against sniffing attacks.

 

  Module 19: Cloud Computing Cloud Computing, Types of Cloud Computing Services, Cloud Deployment Models, Fog and Edge Computing, Cloud Service Providers, Container, Docker, Kubernetes, Serverless Computing, OWASP Top 10 Cloud Security Risks, Container and Kubernetes Vulnerabilities, Cloud Attacks, Cloud Hacking, Cloud Network Security, Cloud Security Controls, Cloud Security Tools

Learn different cloud computing concepts, such as container technologies and serverless computing, various cloud-based threats and attacks, and cloud security techniques and tools.

 

  Module 20: Cryptography Cryptography, Encryption Algorithms, MD5 and MD6 Hash Calculators, Cryptography Tools, Public Key Infrastructure (PKI), Email Encryption, Disk Encryption, Cryptanalysis, Cryptography Attacks, Key Stretching

In the final module, learn about cryptography and ciphers, public-key infrastructure, cryptography attacks, and cryptanalysis tools.