This course is a hands-on journey into the hacking mindset, examining and practically applying the tools and techniques that hackers use. Delivery is in an interactive format with the use of multi-media and practical hands-on workshops. Open discussion is strongly encouraged. A 1 hour examination is held on the final day, assessing delegate understanding of the objectives. Passing this examination (combined with satisfactory completion of practical workshops) will result in the Certified Security Testing Associate (CSTA) qualification being awarded.

Course Benefits
*Delegates will learn about the hacker mindset and become familiar with the tools used to attack systems.
*Our state-of-the-art class environment covers Windows and UNIX operating systems and associated server software. *A wide range of hacking tools is featured.
*The course is designed to educate for the purpose of properly defending systems from hacking attacks.

Course Objectives
Delegates will learn:
*How to use the tools, techniques and methodologies employed by hackers in a purpose-built lab environment
*How hackers can accurately collect and assimilate information about an organisation’s infrastructure whilst avoiding detection
*How information may be used to assess weaknesses and subsequently launch an attack against a target
*Typical techniques used to gain or force access into a system
*The types of tools used to leverage access on a system
*How hackers conceal their tracks and the route through which access to a target may be maintained
*Limitations of firewalls and the tools used to bypass them
*How hackers bypass Intrusion Detection Systems (IDS)
*Measures to secure and protect information against hacker attacks

Audience
Those responsible for the security of IT systems within an organisation, including but not limited to: Systems / Network Administrators, Auditors, Security Officers, IT Security Professionals and those with an interest in this fascinating subject.

Pre-Requisites
A basic understanding of TCP/IP and a background in Microsoft Windows and / or UNIX is essential.

Course Content
*Hacking – An Introduction
A background into hacking
Hacker genres
Overview of several high profile attacks

*Risks to Business
Impacts to business and reputation
Operational and financial risks

*A Background to TCP/IP
A descriptive overview of TCP/IP & networking
Spoofing & session hijacking
Denial of Service (DoS)

*Methodology Overview
The anatomy of a typical attack

*Tools & Techniques
Types of tools and techniques employed by hackers

*Information Discovery
How information about a target may be discretely gathered

*Target Scanning & System Detection
Examining the target landscape
Sophisticated scanning types including operating system detection

*Vulnerability Assessment
How attackers probe & test for weakness
The use of ‘Firewalking’ to map out access controls

*Exploitation & Privilege Escalation
How access may be gained & privilege escalated to achieve full control of Windows and UNIX systems

*Trojans, Back-Doors & Root Kits
Practical hands-on use of ‘Trojan horses’ & ‘back doors’
Working with root kits to hide the presence of a hacker at the application and kernel level

*Firewall & IDS Evasion
How attacks may traverse a firewall
The role of intrusion detection & how it may be evaded using advanced techniques

*Hacking Prevention
Security policy, system integrity, hardening & monitoring
Security tools, vulnerability assessment & penetration testing