|
Target audience
~
IT Managers
~
IT Security Managers
~
IT Security Team members
~
Network Engineers
~
System Administrators
Course content
Through a number of practical hacking
exercises, the participants will attain a high level of confidence
in evaluating the security level of a given system as well
as the insight to define the best path to hardening it.
The delegate will reproduce the actual attack that a hacked
would make in order to achieve privileged access and will
become accustomed to the various types of testing tools through
practical usage.
Delegates will learn
about the following:
~
Vulnerabilities - what they and where do they come from. False
positives and False negatives. Verification of test results.
~
Operating systems - Windows operating systems - including
NetBios enumeration and attack. Unix Operating systems - Enumeration
NFS, RPC, Finger, r commands etc
~
Network tools - enumeration and attack. Network tools - Netcat,
fpipe, nmap, snmpwalk
~
Firewalls - weaknessed in firewall rule sets and exploitation
~
Hacking exercies - exploit existing vulnerabilities to attain
administrator rights
~
Databases - overview of database security. SQL injection
~
Man-in-the-middle attacks - ARP spoofing, ARP flooding, sniffing
switched networks
~
Wireless hacking techniques - overview of wireless technologies,
wireless scanning and enumeration Netstumbler, Kismet, ethereal
etc. cracking wireless encryption; identifying and analysing
vulnerabilities.
Prerequisites
Delegates are advised to take the Internet
Security Fundamentals course before attending Internet
Security Advanced.
This course is run
in association with QT&C
|