Begin Your Cybersecurity Journey with Hands-On, Technical Foundational Skills in Ethical Hacking.

EC-Council Ethical Hacking Essentials (EHE) Ethical Hacking Essentials training is an introductory cybersecurity course that covers ethical hacking and penetration testing fundamentals and prepares learners for a career in cybersecurity. This course will introduce learners to computer and network security concepts such as threats and vulnerabilities, password cracking, web application attacks, IoT and OT attacks, cloud computing, pentesting fundamentals, and more.

EC-Council’s Essential Series is a hands-on, immersive program focused on eight cybersecurity domains – Ethical hacking, Network Defense, Digital Forensics, Cloud Security, IoT Security, SOC, Threat Intelligence, and DevSecOps. Designed for high school students, recent graduates, career switchers, beginners, and IT/Technology teams with minimum or no prior experience in IT/Cybersecurity, the Essentials Series empowers learners to choose their areas of specialization across essential domains.

What is EC-Council Ethical Hacking Essentials?

Ethical Hacking Essentials is an introductory cybersecurity course that covers ethical hacking and penetration testing fundamentals and prepares learners for a career in cybersecurity. This ethical hacking course will introduce learners to computer and network security concepts such as threats and vulnerabilities, password cracking, web application attacks, loT and OT attacks, cloud computing, pentesting fundamentals, and more. EC-Council’s ethical hacking essentials course provides hands-on practical experience to learners, thus giving them the skills necessary for a future in cybersecurity. Put your newly acquired abilities to the test with an exhilarating Capture the Flag (CTF) Exercise seamlessly integrated in our Capstone project. This CTF is seamlessly integrated by live virtual machines, genuine software, and real networks, all delivered within a secure and regulated sandbox environment. With these exclusive hands-on, human-versus-machine CTF challenges you will develop the hands-on proficiencies essential for success in your cyber professional role

Learning OBJECTIVES

• Fundamentals of Ethical Hacking
• Web application threats and attacks
• Password cracking Techniques
• Insider threats and identity theft
• DoS and DDoS attacks
• Web server attacks
• Mobile attacks
• IoT & OT Attacks
• Cloud computing concepts

Prerequisites

• No eligibility criteria for this program.

Course Outline

Information Security Fundamentals

• Information security fundamentals
• Information security laws and regulations

Ethical Hacking Fundamentals

• Cyber Kill Chain Methodology
• Hacking Concepts and Hacker Classes
• Different Phases of Hacking Cycle
• Ethical Hacking Concepts, Scope, and Limitations
• Ethical Hacking Tools

Lab Exercise

• Passive Footprinting to Gather Information About a Target
• Network Scanning to Identify Live Hosts, Open Ports and Services and Target OS in the Network
• Enumeration on a System or Network to Extract Usernames, Machine Names, Network Resources, Shares, etc.

Information Security Threats and Vulnerabilities

• Threat and Threat Sources
• Malware and its Types
• Malware Countermeasures
• Vulnerabilities
• Vulnerability Assessment

Lab Exercise

• Vulnerability Assessment to Identify Security Vulnerabilities in the Target System or Network

Password Cracking Techniques and Countermeasures

• Password Cracking Techniques
• Password Cracking Tools
• Password Cracking Countermeasures

Lab Exercise

• Perform Active Online Attack to Crack the System’s Password
• Audit System Passwords

Social Engineering Techniques and Countermeasures

• Social Engineering Concepts and its Phases
• Social Engineering Techniques
• Insider Threats and Identity Theft
• Social Engineering Countermeasures

Lab Exercise

• Social Engineering Using Various Techniques to Sniff Users’ Credentials
• Detect a Phishing Attack

Network-Level Attacks and Countermeasures

• Packet Sniffing Concepts
• Sniffing Techniques
• Sniffing Countermeasures
• DoS and DDoS Attacks
• DoS and DDoS Attack Countermeasures
• Session Hijacking Attacks
• Session Hijacking Attack Countermeasures

Lab Exercise

• Perform MAC Flooding to Compromise the Security of Network Switches
• Perform ARP Poisoning to Divert all Communication between Two Machines
• Detect ARP Attacks using ARP Spoofing Detection Tools to Ensure Data Privacy
• Perform DoS and DDoS Attacks using Various Techniques on a Target Host to Prevents Access to System Resources for Legitimate Users
• Detect and Protect Against DDoS Attack
• Perform Session Hijacking to Seize Control of a Valid TCP Communication Session Between Two Computers
• Detect Session Hijacking Attempts using Manual Method

Web Application Attacks and Countermeasures

• Web Server Attacks
• Web Server Attack Countermeasures
• Web Application Architecture and Vulnerability Stack
• Web Application Threats and Attacks
• Web Application Attack Countermeasures
• SQL Injection Attacks
• SQL Injection Attack Countermeasures

Lab Exercise

• Perform a Web Server Attack to Crack FTP Credentials
• Perform a Web Application Attack to Compromise the Security of Web Applications to Steal Sensitive Information
• Perform SQL Injection Attacks on a Target Web Application to Manipulate the Backend Database
• Detect SQL Injection Vulnerabilities using SQL Injection Detection Tools

Wireless Attacks and Countermeasures

• Wireless Terminology
• Types of Wireless Encryption
• Wireless Network-specific Attack Techniques
• Bluetooth Attacks
• Wireless Attack Countermeasures

Lab Exercise

• Perform Wi-Fi Packet Analysis
• Perform Wireless Attacks to Crack Wireless Encryption

Mobile Attacks and Countermeasures

• Mobile Attack Anatomy
• Mobile Attack Vectors and Mobile Platform Vulnerabilities
• Mobile Device Management (MDM) Concept
• Mobile Attack Countermeasures

Lab Exercise

• Hack an Android Device by Creating Binary Payloads
• Secure Android Devices using Various Android Security Tools

IoT and OT Attacks and Countermeasures

• IoT Concepts
• IoT Threats and Attacks
• IoT Attack Countermeasures
• OT Concepts
• OT Threats and Attacks
• OT Attack Countermeasures

Lab Exercise

• Perform Footprinting using Various Footprinting Techniques
• Capture and Analyze IoT Device Traffic

Cloud Computing Threats and Countermeasures

• Cloud Computing Concepts
• Container Technology
• Cloud Computing Threats
• Cloud Computing Countermeasures

Lab Exercise

• Perform S3 Bucket Enumeration using Various S3 Bucket Enumeration Tools
• Exploit S3 Buckets

Penetration Testing Fundamentals

• Fundamentals of Penetration Testing and its Benefits
• Various Types and Phases of Penetration Testing
• Guidelines and Recommendations for Penetration Testing

Training and Exam

Training Details: Self-paced, in-demand lecture videos led by world-class instructors and hands-on labs.

Pre-requisite: No prior cybersecurity knowledge or IT work experience required.

Exam Details:

• Exam Code: 112-52
• Number of Questions: 75
• Duration: 2 hours
• Test Format: Multiple Choice
• 750+ pages of e-course-ware

 

Buy Exam Voucher